← Back to Skills Marketplace

Powershell Sandbox

Name: Powershell Sandbox
Author: yuyonghao-123

by yuyonghao-123 · GitHub ↗ · v0.1.0 · MIT-0

cross-platform ⚠ suspicious

136

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install yuyonghao-powershell-sandbox

Description

在受限的 PowerShell 环境中安全执行脚本，支持命令白名单、超时控制、输出限制和文件路径隔离。

Usage Guidance

Do not rely on this package to safely sandbox untrusted PowerShell code in its current form. The repository as provided does not include the core src/sandbox.ps1 implementation even though docs and package.json reference it. The test harness is superficial (it increments passes even when the sandbox script is missing and validates patterns rather than executing enforcement code), so the TEST_RESULTS.md is not strong proof of safety. Before installing or invoking: 1) obtain and review the actual src/sandbox.ps1 source; verify it implements the claimed static checks, .NET type restrictions, job-based timeout termination, output truncation, and file path isolation; 2) refuse to run or enable -AllowNetwork unless you fully trust the script; 3) run the sandbox only in an isolated environment (VM/container) until you audit it; 4) ask the author for a homepage/source repo and real tests that exercise enforcement (not just string checks); 5) avoid giving the agent elevated privileges or running as admin while testing. If you cannot get the sandbox.ps1 source, treat this skill as non-functional and potentially dangerous.

Capability Analysis

Type: OpenClaw Skill Name: yuyonghao-powershell-sandbox Version: 0.1.0 The bundle claims to provide a 'PowerShell Security Sandbox' with advanced safety features like command whitelisting, .NET type restrictions, and code scanning; however, the core implementation file (src/sandbox.ps1) is missing from the provided content. This lack of functional code makes the extensive security claims in SKILL.md and TEST_RESULTS.md unverifiable and creates a 'false sense of security' risk. An AI agent might be misled into executing dangerous user-provided scripts under the assumption they are sandboxed, when the underlying protection mechanism is either absent or potentially a non-functional wrapper.

Capability Assessment

⚠ Purpose & Capability

SKILL.md and package.json claim a sandbox executable at src/sandbox.ps1 (package.json 'main' points to it and the docs show many runtime options), but the file manifest does not include src/sandbox.ps1 or any src/ implementation. That mismatch means the skill as provided cannot deliver the claimed sandbox capability and is therefore incoherent.

⚠ Instruction Scope

The instructions direct the agent to execute an external PowerShell script via exec (e.g., executing skills/powershell-sandbox/src/sandbox.ps1 against paths inside the agent workspace). If the referenced sandbox script is absent or unreviewed, the agent would instead execute whatever script exists at the provided ScriptPath (potentially arbitrary user scripts). The SKILL.md also relies on pre-execution scanning and enforcement, but those enforcement steps are only described in prose — no implementation is present to verify they actually run.

ℹ Install Mechanism

No install spec (instruction-only skill), which lowers install-supply-chain risk. However, because no sandbox implementation is shipped, the lack of install artifacts increases the danger of a false assurance (the docs promise enforcement that isn't present).

✓ Credentials

The skill requests no environment variables, no credentials, and no config paths. The declared environment access is proportionate to a local PowerShell sandbox. There are no unexplained secret or cloud credential requests.

✓ Persistence & Privilege

always is false and the skill is user-invocable; it does not request permanent system-wide privileges. However, because it instructs the agent to exec local PowerShell with user-provided scripts, the runtime privilege depends on how the agent is run (the skill itself doesn't request elevated persistence).

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install yuyonghao-powershell-sandbox
After installation, invoke the skill by name or use /yuyonghao-powershell-sandbox
Provide required inputs per the skill's parameter spec and get structured output

Version History

v0.1.0

Initial release of PowerShell sandbox for secure script execution: - Supports safe execution of user scripts with command whitelisting, .NET type restrictions, and pre-execution security scanning. - Provides timeout control (job-based), output limits, and file path isolation to prevent abuse. - Logs and audits all script executions, with clear exit codes for common error conditions. - Customizable whitelist, output, and timeout settings. - Includes test cases, usage instructions, and security recommendations.

Metadata

Slug yuyonghao-powershell-sandbox

Version 0.1.0

License MIT-0

All-time Installs 0

Active Installs 0

Total Versions 1

Frequently Asked Questions

What is Powershell Sandbox?

在受限的 PowerShell 环境中安全执行脚本，支持命令白名单、超时控制、输出限制和文件路径隔离。 It is an AI Agent Skill for Claude Code / OpenClaw, with 136 downloads so far.

How do I install Powershell Sandbox?

Run "/install yuyonghao-powershell-sandbox" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Powershell Sandbox free?

Yes, Powershell Sandbox is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Powershell Sandbox support?

Powershell Sandbox is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Powershell Sandbox?

It is built and maintained by yuyonghao-123 (@yuyonghao-123); the current version is v0.1.0.

More Skills