powershell-skill
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Provides guidance for performing system administration tasks, including process management, file system operations, and network configuration as described in SKILL.md and references/powershell-alias-guide.md.
- [COMMAND_EXECUTION]: Details how to modify system security settings by changing the ExecutionPolicy and demonstrates bypassing restrictions using the -ExecutionPolicy Bypass parameter in evals/evals.json and references/powershell-alias-guide.md.
- [COMMAND_EXECUTION]: Instructs users on modifying the PowerShell Profile ($PROFILE) to ensure custom aliases and functions persist across sessions, which is a standard persistence mechanism in PowerShell environments (references/powershell-alias-guide.md).
- [PROMPT_INJECTION]: The skill functions as a code-generation tool that processes untrusted natural language data to create system-level scripts, creating an indirect injection risk.
  - Ingestion points: User-provided automation and scripting requirements via prompts (SKILL.md, evals/evals.json).
  - Boundary markers: Absent. The skill does not provide instructions to the agent to distinguish between administrative intent and embedded malicious instructions.
  - Capability inventory: File-system writing to profiles, execution policy modification, process management, and .NET interop (SKILL.md, references/powershell-alias-guide.md).
  - Sanitization: Absent. There are no guidelines for escaping or validating user input before incorporating it into generated PowerShell code.