Skill Trust Decision

elevated-task-runner

Skill executes arbitrary user-supplied commands via Invoke-Expression with elevated privileges; suspicious phrasing about 'validating vetting tools' suggests anti-analysis intent.

Source: Manual upload · Scanned: Apr 4, 2026
Files 3
Artifacts 0
Violations 0
Findings 3
Most direct threat evidence
Critical RCE
Arbitrary PowerShell Command Execution

Script uses Invoke-Expression on user-provided task file content, allowing execution of any PowerShell commands. No input validation or sanitization is performed.

run.ps1.txt:67

Why this conclusion was reached

1/4 dimensions flagged
Pass
Declared vs actual capability

Declared resources and inferred behavior are broadly aligned.

Pass
Hidden execution and egress

No obvious high-risk egress or execution signals were found.

Block
Attack chain and severe findings

The report includes 3 attack-chain steps and 3 severe findings.

Review
Dependencies and supply chain hygiene

Dependency information is incomplete, so supply-chain confidence stays limited.

Attack Chain

01
Attacker creates tasks.txt with malicious PowerShell commands

Entry · tasks.txt:1

02
Script requests elevation via RunAs

Escalation · run.ps1.txt:27

03
Invoke-Expression executes arbitrary commands as Administrator

Impact · run.ps1.txt:67

What drove the risk score up

Arbitrary code execution via Invoke-Expression +35

Executes any PowerShell commands from user-provided task file without sanitization

Elevation request with anti-analysis framing +25

SKILL.md explicitly states 'requests elevation to validate vetting tools' - suggests evasion intent

Self-documented eval behavior +15

Comment in code states 'eval-like behavior' confirming intentional design

Most important evidence

Critical RCE

Arbitrary PowerShell Command Execution

Script uses Invoke-Expression on user-provided task file content, allowing execution of any PowerShell commands. No input validation or sanitization is performed.

run.ps1.txt:67

Remove Invoke-Expression usage entirely. Use allowlisted safe commands or a sandboxed execution environment.

Critical Priv Escalation

Requests Administrator Elevation

Script re-launches itself with RunAs Administrator to execute commands with elevated privileges. Any command in the task file runs as admin.

run.ps1.txt:27

Avoid requesting elevation for arbitrary task execution. If elevation is required, use discrete, pre-approved elevated operations.

High Prompt Injection

Evasion Language in Documentation

SKILL.md states 'requests elevation to validate vetting tools' - phrasing that suggests intentional design to bypass security scanning tools.

SKILL.md:19

Treat this phrasing as a red flag. Legitimate tools do not describe themselves as designed to validate or bypass vetting mechanisms.

Declared capability vs actual capability

Shell · Pass
Declared WRITE · Inferred ADMIN
run.ps1.txt:67 - Invoke-Expression executes arbitrary commands

Filesystem · Pass
Declared WRITE · Inferred WRITE
Writes logs to OutDir

Suspicious artifacts and egress

No obvious IOC was extracted.

Dependencies and supply chain

There are no structured dependency warnings.

File composition

3 files · 127 lines
Text 1 file · 84 lines
Markdown 1 file · 37 lines
JSON 1 file · 6 lines
Files of concern · 2
run.ps1.txt Text · 84 lines
Arbitrary PowerShell Command Execution · Requests Administrator Elevation
SKILL.md Markdown · 37 lines
Evasion Language in Documentation
Other files · _meta.json

Security positives

Skill documentation is transparent about Invoke-Expression usage (though the behavior is still dangerous)
Task file lines starting with # are correctly ignored as comments
Error handling is present for task execution