powershell-master

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly integrates with public package sources (PSGallery/PSResourceGet via Find-PSResource, Install-PSResource/Install-Module) and includes Invoke-RestMethod/Invoke-WebRequest examples that fetch arbitrary public URLs, so it consumes untrusted, user-published content from the open web/PowerShell Gallery.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.90). This skill prompt includes explicit admin-level PowerShell commands that create/modify system-wide configurations (Register-PSSessionConfiguration, New-CIPolicy/ConvertFrom-CIPolicy writing to System32, machine-scoped environment changes, registry keys for ScriptBlockLogging), which require elevation and change the host's security/system state, so it should be flagged.