File Launcher

The 'file-launcher' skill grants the agent the ability to execute arbitrary files and programs using the PowerShell 'Invoke-Item' command, as documented in SKILL.md. While this behavior is consistent with the stated purpose of opening media or documents, it provides a high-risk primitive for Remote Code Execution (RCE) if the agent is manipulated into launching malicious scripts or system binaries. No explicit evidence of malicious intent or data exfiltration was found, but the lack of path restrictions makes it a significant security risk.