azure-ad-attack
Fail
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: HIGHPROMPT_INJECTIONCREDENTIALS_UNSAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill metadata and instructions direct the agent to adopt an offensive methodology for Azure AD/Entra ID environments, providing a structured approach for initial access, privilege escalation, and lateral movement.
- [CREDENTIALS_UNSAFE]: The documentation contains explicit instructions and specific file system paths for harvesting sensitive authentication materials, including session cookies (ESTSAUTH), MSAL token caches, Azure CLI/PowerShell token files, and Primary Refresh Tokens (PRT) from system storage and memory.
- [COMMAND_EXECUTION]: The skill provides numerous pre-formatted commands for conducting password spraying attacks (using tools like MSOLSpray and Trevorspray), performing unauthorized Microsoft Graph API enumeration, and manipulating application credentials to gain elevated access.
- [DATA_EXFILTRATION]: It describes techniques for stealing identity tokens and session cookies to be replayed from external systems, enabling the exfiltration of user identities and persistent unauthorized access to cloud resources.
Recommendations
- AI detected serious security threats
Audit Metadata