Skills
skills/nesnilnehc/ai-cortex/review-powershell/Gen Agent Trust Hub

review-powershell

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the analysis of untrusted PowerShell code.
  • Ingestion points: The skill ingests source files, directories, or diffs via the code-scope input defined in SKILL.md.
  • Boundary markers: The instructions lack explicit delimiters or instructions to ignore instructions embedded within the processed code, which could allow comments or strings in the PowerShell scripts to influence the agent's behavior.
  • Capability inventory: The skill's primary capability is generating a structured list of findings. It does not possess capabilities for file-write operations, network access, or command execution beyond the analysis context.
  • Sanitization: There is no evidence of sanitization or validation of the input code to prevent the injection of malicious instructional content.
Audit Metadata
Risk Level
SAFE
Analyzed
May 7, 2026, 05:42 AM