ad-persistence

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). This prompt repeatedly shows and instructs embedding plaintext credentials and NTLM hashes into command-line tools (e.g., DOMAIN/admin:PASS, -nthash KRBTGT_HASH, impacket tool invocations), which would require the LLM to accept and emit secret values verbatim, creating a high exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content is an explicit offensive playbook describing multiple deliberate malicious techniques (credential theft via DCSync/Mimikatz, Kerberos ticket forging, DCShadow, AdminSDHolder, WMI/COM/service/register persistence, backdoor DSRM/gMSA abuse, NTLM relay and exfiltration tactics) with concrete commands and cleanup/evasion guidance, suitable for establishing persistent unauthorized access in Active Directory environments.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The prompt explicitly instructs privileged, persistent modifications to the host and domain (creating services, scheduled tasks, registry/COM edits, WMI subscriptions, ACL changes, Kerberos ticket forging and use of mimikatz) that alter system and AD state and bypass security—i.e. direct guidance to compromise the machine.