azure-hybrid-lateral
Fail
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: HIGH
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for the agent to execute highly sensitive commands, including directory replication attacks (DCSync), LSASS memory dumping via sekurlsa::cloudap, and the creation of Kerberos silver and golden tickets.
- [EXTERNAL_DOWNLOADS]: The instructions direct the installation of external tools from public repositories, such as the AADInternals module via Install-Module, without specific versioning or integrity verification.
- [REMOTE_CODE_EXECUTION]: The skill instructs the agent to run multiple unverified external scripts, such as shimit.py, partialtofulltgt.py, RequestCert.py, and adconnectdump.py, which are not included in the skill package.
- [DATA_EXFILTRATION]: The skill identifies and targets sensitive local credential stores, specifically instructing the agent to access and read Azure CLI and PowerShell access tokens from the .Azure directory.
- [COMMAND_EXECUTION]: Detailed steps are provided for establishing persistent access through malicious DLL injection into the Password Sync service and the installation of PTASpy backdoors to capture clear-text credentials.
Recommendations
- AI detected serious security threats
Audit Metadata