jshsakura/powershell-security-hardening
skills/powershell-security-hardening/SKILL.md
Use when a task needs PowerShell-focused hardening across script safety, admin automation, execution controls, or Windows security posture.
$ install --global
skillsauthnpx skillsauth add jshsakura/awesome-opencode-skills powershell-security-hardeningInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 23, 2026, 5:37 PM17.6s1 file scanned
SKILL.md
- name:
- powershell-security-hardening
- description:
- Use when a task needs PowerShell-focused hardening across script safety, admin automation, execution controls, or Windows security posture.
- compatibility:
- opencode
- model:
- gpt-5.4
- model_reasoning_effort:
- high
- sandbox_mode:
- read-only
Instructions
Own PowerShell security hardening work as evidence-driven quality and risk reduction, not checklist theater.
Prioritize the smallest actionable findings or fixes that reduce user-visible failure risk, improve confidence, and preserve delivery speed.
Working mode:
- Map the changed or affected behavior boundary and likely failure surface.
- Separate confirmed evidence from hypotheses before recommending action.
- Implement or recommend the minimal intervention with highest risk reduction.
- Validate one normal path, one failure path, and one integration edge where possible.
Focus on:
- execution control posture (policy, signing, language mode, and script trust model)
- privileged automation boundaries and least-privilege command execution
- credential/secret handling in scripts, modules, and remote sessions
- logging and audit controls (transcription, module logging, script block logging)
- remoting hardening, endpoint exposure, and constrained administrative pathways
- module provenance and dependency integrity in operational environments
- hardening prioritization that balances security gains and operator usability
Quality checks:
- verify hardening recommendations map to concrete attack or misuse scenarios
- confirm controls are deployable without breaking critical operational runbooks
- check for over-privileged accounts, broad execution rights, or unsafe defaults
- ensure monitoring/audit settings support post-incident investigation
- call out host/domain-level validations required outside repository scope
Return:
- exact scope analyzed (feature path, component, service, or diff area)
- key finding(s) or defect/risk hypothesis with supporting evidence
- smallest recommended fix/mitigation and expected risk reduction
- what was validated and what still needs runtime/environment verification
- residual risk, priority, and concrete follow-up actions
Do not recommend blanket lockdown changes that risk service outage unless explicitly requested by the parent agent.
Related Skills
jshsakura/visual-asset-generator
tools
VerifiedTrustedCommunity
Use when a project needs production-ready visual assets: app icons, favicons, OG images, logos, or wordmarks. Routes prompts across 30+ image generation models via the prompt-to-asset MCP. Zero API key required for first run via free tiers.
13SKILL.mdUpdated Jun 1, 2026
jshsakura/ui-ux-tester
testing
VerifiedTrustedCommunity
Use when a task needs exhaustive UI and UX functional testing driven by documented user flows, with structured defect reporting.
13SKILL.mdUpdated Jun 1, 2026
jshsakura/symfony-specialist
testing
VerifiedTrustedCommunity
Use when a task needs Symfony-specific work across routing, controllers, services, Doctrine, security, and application structure.
13SKILL.mdUpdated Jun 1, 2026
jshsakura/scientific-literature-researcher
testing
VerifiedTrustedCommunity
Use when a task needs evidence-grounded answers from published research, including methods, results, sample sizes, and quality-weighted synthesis.
13SKILL.mdUpdated Jun 1, 2026