ClawHub

Pentest Active Directory

Security checks across malware telemetry and agentic risk

Overview

This does not look like malware, but it is presented as a real Active Directory testing skill while the code only generates placeholder reports and canned findings.

Install only if you understand this appears to be a scaffold or placeholder, not a working Active Directory assessment tool. Do not rely on its findings as evidence of real testing, and avoid feeding it secrets, credentials, or sensitive engagement data unless you control the output location and retention.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Description-Behavior Mismatch

High
Confidence
97% confidence
Finding
The script advertises Active Directory attack-path assessment but performs no AD enumeration or validation; it only writes placeholder artifacts and a canned finding. In a pentesting workflow, this can create false assurance, misleading operators into believing security testing occurred when no meaningful validation was performed.

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
The module docstring and CLI description claim AD privilege-escalation mapping, but the implementation is only a placeholder artifact generator. This mismatch is dangerous because users may rely on the stated capability during authorized security operations and miss real identity attack paths.

Ssd 3

Medium
Confidence
95% confidence
Finding
The loaded input payload is written verbatim into output artifacts, which can expose sensitive user-provided data, credentials, internal hostnames, or other confidential content to downstream storage, logs, or report consumers. In a security-testing context, payloads often contain especially sensitive material, so preserving them unredacted increases disclosure risk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal