chemax-fallout4

[Skill Scanner] PowerShell execution detected All findings: [HIGH] command_injection: PowerShell execution detected (CI005) [AITech 9.1.4] [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4] [HIGH] command_injection: PowerShell execution detected (CI005) [AITech 9.1.4] [HIGH] command_injection: PowerShell execution detected (CI005) [AITech 9.1.4] The skill's declared purpose (translating NL into Fallout 4 console commands and executing them) aligns with the documented file reads (items.json) and the send-command/bridge mechanism. However, the skill instructs automatic, non-interactive execution of local setup scripts and starts a persistent background PowerShell process without requiring explicit user consent — and it allows the agent to run arbitrary shell/PowerShell commands. Those behaviors are disproportionate for a simple translator and create a high-risk execution surface (persistence, filesystem scanning, potential for local-script tampering leading to arbitrary code execution). I rate this skill SUSPICIOUS: acceptable only with user awareness, manual verification of the setup/bridge scripts, and least-privilege restrictions; otherwise treat it as a security risk. LLM verification: Functionality is consistent with a local helper skill for translating NL to Fallout 4 console commands, but the delivery/execution model (automatic first-run setup, ExecutionPolicy Bypass, auto-started minimized PowerShell bridge that injects keystrokes) is a high-risk supply-chain pattern. No explicit evidence of remote exfiltration, hardcoded credentials, or obfuscation is present in the provided text, but the omitted helper scripts are high-value sinks and must be audited. Treat this package

The code implements a remote code execution via in-process shellcode injection into Fallout4.exe to run arbitrary user-provided commands. While potentially useful for modding, it presents significant security and reliability risks and should not be distributed as a general-purpose library without explicit safeguards, consent, and bounded scope.