portless-ops
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads the
portlesspackage directly from the official npm registry (registry.npmjs.org). This is a legitimate operation for installing the utility. - [COMMAND_EXECUTION]: Provides scripts and instructions for managing a local proxy service, which includes binding to privileged ports (443), modifying the system trust store for local CA certificates, and managing Task Scheduler/system services for boot persistence. These are necessary and documented requirements for the tool's core functionality.
- [PROMPT_INJECTION]: The script
sync-aliases-from-yaml.ps1reads service definitions from aprocess-compose.yamlfile to dynamically executeportless aliascommands. This constitutes an indirect prompt injection surface; however, the risk is minimized by the use of PowerShell's call operator and standard variable passing, and the surface is limited to local configuration files. - [REMOTE_CODE_EXECUTION]: While the skill installs external code, the
install-portless.ps1script implements significant security best practices, including SHA-512 integrity verification against the registry metadata and a heuristic scan for known supply-chain Indicators of Compromise (IOCs).
Audit Metadata