windows-ops
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data exfiltration were detected. The skill demonstrates high technical quality and follows security best practices, such as using the StartupApproved registry mechanism to allow non-administrative users to manage startup items, adhering to the principle of least privilege.
- [COMMAND_EXECUTION]: The skill makes extensive use of standard Windows management tools and PowerShell cmdlets (e.g., Get-WinEvent, Get-CimInstance, robocopy.exe, and Set-ItemProperty) for legitimate diagnostic and operational tasks. These commands are used to audit system health, identify hardware failures, and manage system configuration.
- [EXTERNAL_DOWNLOADS]: Technical documentation and hints reference well-known external diagnostic and recovery tools from established sources (e.g., smartmontools, gddrescue, and PECmd), but the provided scripts do not perform automated downloads or execute code from untrusted remote servers.
- [DATA_EXFILTRATION]: While the scripts access sensitive system metadata, including event logs and registry configurations, they do not contain any logic for transmitting this information to external or untrusted domains. The remote diagnostic capabilities rely on standard, user-configured PowerShell Remoting (WinRM or SSH).
Audit Metadata