bloodhound-enum
Fail
Audited by Snyk on May 9, 2026
Risk Level: CRITICAL
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The prompt instructs use of BloodHound.py with commands that include plaintext passwords and NTLM hashes passed directly on the command line (e.g., -p 'P@ssw0rd', --hashes ...), which requires the LLM to handle and potentially output secret values verbatim, creating an exfiltration risk.
CRITICAL E006: Malicious code pattern detected in skill scripts.
- Malicious code pattern detected (high risk: 0.90). This content explicitly documents offensive Active Directory enumeration and credential-abuse techniques (e.g. pass-the-hash/NTLM hashes, Kerberos ticket reuse, LDAP/DNS enumeration and attack-path analysis) that directly enable unauthorized credential misuse and lateral movement in a Windows domain, a high risk for malicious use, while not containing obfuscated payloads, hidden backdoors, or explicit external data-exfiltration endpoints.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill instructs running a sudo command ("sudo neo4j start"), which directs the agent to obtain elevated privileges and modify the host's running services, so it pushes the agent toward altering the machine's state.
Issues (3)
W007 HIGH: Insecure credential handling detected in skill instructions.
E006 CRITICAL: Malicious code pattern detected in skill scripts.
W013 MEDIUM: Attempt to modify system services in skill instructions.
Audit Metadata