Security Decision Report

elevated-task-runner

Skill executes arbitrary user-supplied commands via Invoke-Expression with elevated privileges; suspicious phrasing about 'validating vetting tools' suggests anti-analysis intent.

Install decision priority · Source: manual upload · Scan time: 2026/4/4
Files 3
IOC 0
Privilege overreach items 0
Findings 3
Most direct threat evidence
Critical · Code execution
Arbitrary PowerShell Command Execution

Script uses Invoke-Expression on user-provided task file content, allowing execution of any PowerShell commands. No input validation or sanitization is performed.

run.ps1.txt:67

Why this conclusion was reached

1 of 4 dimensions triggered
Pass
Declared vs. actual capabilities

Declared resources and inferred capabilities are largely consistent.

Pass
Hidden execution and outbound connections

No obvious high-risk outbound connection or execution signals at present.

Block
Attack chain and high-risk findings

The report contains a 3-step attack chain, plus 3 high-risk or critical findings.

Review
Dependencies and supply-chain hygiene

No complete dependency information; the supply-chain judgement must remain tentative.

Attack chain

01
Attacker creates tasks.txt with malicious PowerShell commands

Initial entry · tasks.txt:1

02
Script requests elevation via RunAs

Privilege escalation · run.ps1.txt:27

03
Invoke-Expression executes arbitrary commands as Administrator

Final impact · run.ps1.txt:67

How the risk score was raised

Arbitrary code execution via Invoke-Expression +35

Executes any PowerShell commands from user-provided task file without sanitization

Elevation request with anti-analysis framing +25

SKILL.md explicitly states 'requests elevation to validate vetting tools' - suggests evasion intent

Self-documented eval behavior +15

Comment in code states 'eval-like behavior' confirming intentional design

Key evidence

Critical · Code execution

Arbitrary PowerShell Command Execution

Script uses Invoke-Expression on user-provided task file content, allowing execution of any PowerShell commands. No input validation or sanitization is performed.

run.ps1.txt:67
Remove Invoke-Expression usage entirely. Use allowlisted safe commands or a sandboxed execution environment.
Critical · Privilege escalation

Requests Administrator Elevation

Script re-launches itself with RunAs Administrator to execute commands with elevated privileges. Any command in the task file runs as admin.

run.ps1.txt:27
Avoid requesting elevation for arbitrary task execution. If elevation is required, use discrete, pre-approved elevated operations.
High · Prompt injection

Evasion Language in Documentation

SKILL.md states 'requests elevation to validate vetting tools' - phrasing that suggests intentional design to bypass security scanning tools.

SKILL.md:19
Treat this phrasing as a red flag. Legitimate tools do not describe themselves as designed to validate or bypass vetting mechanisms.

Declared capabilities vs. actual capabilities

Command execution · Pass
Declared: WRITE
Inferred: ADMIN
run.ps1.txt:67 - Invoke-Expression executes arbitrary commands
File system · Pass
Declared: WRITE
Inferred: WRITE
Writes logs to OutDir

Suspicious artifacts and outbound connections

No obvious IOCs were extracted.

Dependencies and supply chain

No structured dependency alerts.

File composition

3 files · 127 lines
Text 1 file · 84 lines
Markdown 1 file · 37 lines
JSON 1 file · 6 lines
Files needing attention · 2
run.ps1.txt Text · 84 lines
Arbitrary PowerShell Command Execution · Requests Administrator Elevation
SKILL.md Markdown · 37 lines
Evasion Language in Documentation
Other files · _meta.json

Security highlights

Skill documentation is transparent about Invoke-Expression usage (though the behavior is still dangerous)
Task file lines starting with # are correctly ignored as comments
Error handling is present for task execution