Skills
skills/sarfraznawaz2005/agent-skills-collection/task-scheduler/Gen Agent Trust Hub

task-scheduler

Warn

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to dynamically generate and execute PowerShell scripts in the system temporary directory (%TEMP%) to register jobs in the Windows Task Scheduler using the Register-ScheduledTask command.
  • [EXTERNAL_DOWNLOADS]: The scripts/notify.ps1 script automatically installs the BurntToast PowerShell module from the PowerShell Gallery using Install-Module if the module is not already present on the system.
  • [COMMAND_EXECUTION]: The scripts/agent.ps1 script executes an external command named agent using user-provided strings as the prompt. While the instructions include sanitization steps (such as quoting and newline replacement), there remains a risk of command injection if the AI fails to properly escape adversarial inputs when constructing the registration script.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 29, 2026, 09:21 PM