windows-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's PowerShell provisioners explicitly download and execute code from public third‑party sources (e.g., DownloadString('https://community.chocolatey.org/install.ps1') in the "Install Software" provisioner and Install-Module PSWindowsUpdate from the public PowerShell Gallery), so untrusted, user-maintained content is fetched and consumed at runtime.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The provisioner runs at runtime and directly executes remote code via PowerShell iex((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1')), so the skill depends on that external script to install Chocolatey.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). This skill contains PowerShell provisioners that configure WinRM, modify firewall rules, install Windows features, stop/start services, and remove files under C:\Windows — all administrative actions that change the host/image system state and require elevated privileges.