The Agent Skills Directory

[COMMAND_EXECUTION]: The automation scripts scripts/agent.py and scripts/process.py execute external security utilities such as impacket, netexec, and certipy via the subprocess module. These calls use argument lists rather than shell strings, which is a standard and safer method for programmatically running system commands.
[EXTERNAL_DOWNLOADS]: The skill relies on several external Python libraries and system utilities, including ldap3, impacket, bloodhound-python, and certipy. The documentation provides instructions for users to install these dependencies from standard package registries.
[CREDENTIALS_UNSAFE]: The SKILL.md file and scripts contain hardcoded example credentials (e.g., Password123, EvilPass123, WebPass123). These are clearly identified as documentation placeholders for instructional purposes and are not functional secrets or production credentials.
[PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection via data processed from the network environment.
Ingestion points: The scripts scripts/agent.py and scripts/process.py ingest data from Active Directory via LDAP queries and the standard output of network scanning tools.
Boundary markers: The scripts do not implement explicit boundary markers or instruction-ignoring delimiters for ingested network data.
Capability inventory: The skill includes capabilities for executing system commands (subprocess.run), writing to the file system, and performing network operations.
Sanitization: Basic string parsing is performed to extract information (e.g., splitting lines and whitespace), but no robust validation or sanitization is implemented for content retrieved from the target environment.

performing-active-directory-penetration-test