install-sandbox-psu
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches product release information from devolutions.net and downloads PowerShell Universal binary packages from the official Devolutions CDN (cdn.devolutions.net).\n- [COMMAND_EXECUTION]: Dynamically generates PowerShell management scripts (Start-Sandbox.ps1 and Remove-Sandbox.ps1) within the sandbox root to handle server lifecycle and cleanup.\n- [COMMAND_EXECUTION]: Utilizes Start-Process to launch the PowerShell Universal server and Stop-Process to terminate sandbox instances.\n- [PROMPT_INJECTION]: The skill exposes a surface for indirect instructions by ingesting configuration data from external Git repositories or local directories.\n
- Ingestion points: scripts/Install-PSU.ps1 clones content into the data repository from user-specified Git URLs or local paths.\n
- Boundary markers: No delimiters or ignore-instruction warnings are present.\n
- Capability inventory: The skill can execute processes, perform network requests to the local server, and manage files.\n
- Sanitization: No validation or sanitization is performed on the imported repository content before the server is started.
Audit Metadata