Powershell Sandbox

在受限的 PowerShell 环境中安全执行脚本，支持命令白名单、超时控制、输出限制和文件路径隔离。

Do not rely on this package to safely sandbox untrusted PowerShell code in its current form. The repository as provided does not include the core src/sandbox.ps1 implementation even though docs and package.json reference it. The test harness is superficial (it increments passes even when the sandbox script is missing and validates patterns rather than executing enforcement code), so the TEST_RESULTS.md is not strong proof of safety. Before installing or invoking: 1) obtain and review the actual src/sandbox.ps1 source; verify it implements the claimed static checks, .NET type restrictions, job-based timeout termination, output truncation, and file path isolation; 2) refuse to run or enable -AllowNetwork unless you fully trust the script; 3) run the sandbox only in an isolated environment (VM/container) until you audit it; 4) ask the author for a homepage/source repo and real tests that exercise enforcement (not just string checks); 5) avoid giving the agent elevated privileges or running as admin while testing. If you cannot get the sandbox.ps1 source, treat this skill as non-functional and potentially dangerous.

Type: OpenClaw Skill Name: yuyonghao-powershell-sandbox Version: 0.1.0 The bundle claims to provide a 'PowerShell Security Sandbox' with advanced safety features like command whitelisting, .NET type restrictions, and code scanning; however, the core implementation file (src/sandbox.ps1) is missing from the provided content. This lack of functional code makes the extensive security claims in SKILL.md and TEST_RESULTS.md unverifiable and creates a 'false sense of security' risk. An AI agent might be misled into executing dangerous user-provided scripts under the assumption they are sandboxed, when the underlying protection mechanism is either absent or potentially a non-functional wrapper.