Skills
skills/wgpsec/aboutsecurity/nxc-cme/Gen Agent Trust Hub

nxc-cme

Warn

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides detailed instructions for executing arbitrary commands on remote systems using the -x and -X flags across multiple protocols (SMB, WinRM, MSSQL).
  • [DATA_EXFILTRATION]: It contains commands for harvesting and dumping sensitive credential data, including the local SAM database, LSA secrets, and the domain-wide NTDS.dit Active Directory database.
  • [EXTERNAL_DOWNLOADS]: The skill references external GitHub repositories for the NetExec and CrackMapExec security tool projects.
  • [CREDENTIALS_UNSAFE]: The documentation includes example passwords and NTLM hashes for demonstration purposes while providing techniques for automated, large-scale credential testing and password spraying.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 22, 2026, 10:08 AM