ad-delegation-attack

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt repeatedly instructs embedding plaintext credentials, hashes, and tickets directly into commands and examples (e.g., /:, -password:P@ssw0rd123, FakePass, <BASE64_TGT>), which requires the agent to handle or emit secret values verbatim.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This is an explicit offensive playbook for Kerberos delegation abuse (unconstrained, constrained, RBCD) containing step‑by‑step commands and tooling to capture TGTs/credentials, configure AD attributes, create machine accounts, perform S4U attacks, DCSync and remote execution—i.e., clear instructions for credential theft, lateral movement and privilege escalation.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). Flagged because the skill provides explicit, step-by-step offensive actions that create machine accounts, modify Active Directory object attributes (RBCD), perform DCSync/ticket theft and other operations that change the state of target systems and can create accounts/resources (e.g., addcomputer.py, rbcd.py) — i.e. it instructs actions that modify system/domain state and enable compromise.