windows-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required PowerShell provisioners fetch and execute public third‑party code—e.g., DownloadString('https://community.chocolatey.org/install.ps1') in the Chocolatey install step and Install-Module PSWindowsUpdate—which ingests untrusted web-hosted scripts/modules that can materially alter build behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill's PowerShell provisioner executes remote code at runtime via iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1')), so https://community.chocolatey.org/install.ps1 is fetched and executed during the build.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). This skill contains PowerShell provisioners that configure WinRM, modify firewall rules, install Windows features, stop/start services, and remove files under C:\Windows — all administrative actions that change the host/image system state and require elevated privileges.