ad-acl-abuse

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides educational content and command-line examples for security professionals, focusing on identifying and abusing dangerous Access Control Entries (ACEs) such as GenericAll, WriteDACL, and WriteOwner.
  • [SAFE]: References are made to well-known open-source security tools (e.g., Impacket, pywhisker, bloodhound-python, bloodyAD) on GitHub, which are standard in the security community.
  • [SAFE]: No automated script execution, unverified binary downloads, or prompt injection patterns were detected. The skill functions as a documentation resource rather than an executable script.
  • [SAFE]: All credentials and sensitive data paths in examples use generic placeholders (e.g., 'user:pass', 'DC_IP', 'NewP@ss123!'), following safe documentation practices.
  • [SAFE]: The skill includes OPSEC (Operations Security) warnings and cleanup instructions, which are consistent with legitimate security research and professional penetration testing methodologies.
Audit Metadata
Risk Level: SAFE
Analyzed: May 8, 2026, 03:43 AM