winadmin-powershell

Fail

Audited by Socket on Mar 2, 2026

1 alert found:

Malware: HIGH
SKILL.md

This skill is primarily an administrative guidance document and set of helper patterns for PowerShell-based Windows administration. It contains reasonable, standard PowerShell best-practices and useful helper functions. However, multiple high-risk supply-chain patterns are present: piping remote content to iex (download-and-execute), commands that relax execution policy, and instructions to perform persistent PATH and environment changes and to install third-party packages. These behaviors are not inherently malicious in an admin context, but they greatly increase supply-chain risk, particularly if an attacker can tamper with remote installer sources or trick an administrator into running commands. Recommend: avoid piping remote scripts to iex; require checksum/signature verification for downloaded installers; prefer explicit, vetted installers from package managers over direct remote script execution; and explicitly warn users about the risk of loading .env secrets into the environment. Overall this skill is useful but carries moderate supply-chain and operational risk if used without caution.

Confidence: 95%
Severity: 90%

Audit Metadata

Analyzed At: Mar 2, 2026, 03:30 AM
Package URL: pkg:socket/skills-sh/evolv3ai%2Fclaude-skills-archive%2Fwinadmin-powershell%2F@bb3c221a285c75f050d63533e67989c5311799f5