adinfo-enum

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly demonstrates commands that include passwords and NTLM hashes as command-line arguments (e.g., -p password, -H NTLM_HASH), which requires embedding secret values verbatim into generated commands.

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.80). This is a GitHub repository hosted by an unfamiliar user (not an official vendor); while it’s not a direct executable download link it can host releases or binaries from an untrusted source, so it’s potentially suspicious for distributing malware.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). This skill explicitly documents and automates Active Directory reconnaissance and directs follow-up offensive techniques (Kerberoast, AS-REP roast, delegation, trust exploitation, lateral movement and privilege escalation), indicating clear intent to facilitate unauthorized access and compromise of domain environments.