adcs-certipy-attack

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt contains commands that explicitly embed credentials and secret blobs verbatim (e.g., -p PASS, -w PASS, echo "BASE64"), which would require the agent to handle and output secret values directly.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This content provides explicit, step‑by‑step offensive techniques (certificates forgery, NTLM relay, PetitPotam, certopy usage, DCSync) to escalate privileges and steal domain credentials in Active Directory, indicating clear malicious intent and guidance for system compromise.