powershell-master

[Skill Scanner] Skill instructions include directives to hide actions from user All findings: [HIGH] autonomy_abuse: Skill instructions include directives to hide actions from user (BH009) [AITech 13.3] [HIGH] command_injection: PowerShell execution detected (CI005) [AITech 9.1.4] [HIGH] command_injection: PowerShell execution detected (CI005) [AITech 9.1.4] [HIGH] command_injection: PowerShell execution detected (CI005) [AITech 9.1.4] [HIGH] hardcoded_secrets: Generic secret pattern detected (HS005) [AITech 8.2] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] The analyzed skill fragment is Benign. It describes a legitimate, well-structured PowerShell mastery aid with best-practice guidance, module management, cross-platform considerations, and security-conscious scripting patterns. There are no embedded malicious actions, credential harvesting schemes, or suspicious data exfiltration pathways within the provided content. The footprint is coherent with a documentation/educational helper rather than an executable tool or agent. LLM verification: The provided material is a documentation artifact describing capabilities rather than a runnable component. The risks are documentation-level: hardcoded credential examples, potential guidance to hide actions, and commands patterns that could be misused if copied. Sanitizing the docs, clarifying placeholders, and avoiding any covert-action guidance will mitigate risk. Overall, the fragment is benign in isolation but warrants careful review before publishing or integrating into tooling.