powershell-security-hardening
PassAudited by VirusTotal on May 4, 2026.
Overview
Type: OpenClaw Skill Name: ah-powershell-security-hardening Version: 1.0.0 The skill bundle contains only metadata and instructions for an AI agent to act as a PowerShell security hardening specialist. The content in SKILL.md focuses on legitimate security practices such as enforcing least privilege, implementing logging, and following CIS/DISA STIG benchmarks. There is no executable code, no evidence of data exfiltration, and no malicious prompt injection attempts.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If an agent applies these recommendations without review, it could lock out users, break remoting, alter firewall access, or change administrator privileges.
These are legitimate security-hardening activities, but they can materially change Windows system behavior, access rights, and network exposure.
- Apply CIS / DISA STIG controls using PowerShell - Audit and remediate local administrator rights - Enforce firewall and protocol hardening settings
Use audit/report mode first where possible, require explicit user approval before applying changes, and keep rollback steps or backups for system configuration changes.
Incorrect changes to credential handling, service accounts, or WinRM endpoints could affect privileged access or automation reliability.
The skill operates in areas involving privileged accounts, credential storage, and remote administration. This is expected for the stated security-hardening purpose, and no credential collection or leakage is shown.
- Harden scheduled tasks, WinRM endpoints, and service accounts - Implement secure credential patterns (SecretManagement, Key Vault, DPAPI, Credential Locker)
Limit use to authorized systems and accounts, avoid exposing secrets in prompts or logs, and verify any privilege or credential changes before execution.
Sensitive configuration details or security findings could be shared with other agents if the host environment supports such routing.
The skill anticipates collaboration with other agents. This is reasonable for enterprise security review, but the artifact does not define data-sharing boundaries.
## Integration with Other Agents - **ad-security-reviewer** – for AD GPO, domain policy, delegation alignment - **security-auditor** – for enterprise-level review compliance - **it-ops-orchestrator** – for routing cross-domain tasks
Confirm what information is shared across agents and avoid routing secrets, credentials, or sensitive infrastructure details unless necessary and authorized.