| Version | Supported |
|---|---|
| 5.0.x | Yes |
| 4.1.x | No |
| < 4.1 | No |
PrinterToolkit is a local administration tool that requires Administrator privileges for most operations. It does not expose network services, store credentials, or transmit data externally.
If you discover a security vulnerability:
- Do not open a public GitHub Issue
- Email the maintainers directly (see repository profile for contact)
- Include a detailed description and reproduction steps
- All user input is validated before passing to shell commands
Invoke-Expressionis only used with an allowlist- No credentials, tokens, or secrets are stored
- Log files are written to user-controlled locations (Desktop)
- Module loading does not bypass execution policy
- No external dependencies or network calls during operation
- Destructive operations require
Assert-Elevatedcheck before execution - Bootstrap installer verifies SHA-256 checksums against published release assets
The following are NOT considered vulnerabilities:
- Need for Administrator privileges (by design)
- Local file access by an already-elevated attacker (the attacker already has full control)
- PowerShell execution policy checks (standard Windows security)