review-powershell
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No prompt injection patterns were identified. The skill instructions explicitly restrict the agent's behavior to technical PowerShell review tasks and provide clear boundaries against performing unauthorized security or architecture analyses.
- [SAFE]: No data exposure or exfiltration vectors were found. The skill does not handle credentials, access sensitive file paths (e.g., SSH keys, AWS configs), or perform network operations.
- [SAFE]: No obfuscation or hidden content was detected. The instructions and documentation are provided in clear, plain text without any encoded payloads or homoglyph substitutions.
- [SAFE]: No external dependencies, remote code downloads, or dynamic execution mechanisms are present. The skill does not install packages or execute code at runtime.
- [SAFE]: Indirect Prompt Injection Surface: While the skill ingests untrusted PowerShell code (input_schema: code-scope), it lacks the capabilities (network, file-write, subprocess) necessary for an attacker to leverage injected instructions. The output is strictly constrained to a findings list format, minimizing the risk of instruction override.
Audit Metadata