Skip to content

Instantly share code, notes, and snippets.

@dfinke

dfinke/chain.ps1

Created May 8, 2025 01:55
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save dfinke/cc6d318ae104d4889dfb22a55394f14f to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save dfinke/cc6d318ae104d4889dfb22a55394f14f to your computer and use it in GitHub Desktop.
Download ZIP
Raw
chain.ps1
#Requires -Module PSAISuite
# Step 1: Generate PowerShell function from a prompt (Model A - GPT-4)
$genPrompt = @"
You're a PowerShell expert.
Write a function that takes a CSV file and creates an Excel file using ImportExcel module.
Return only the code.
"@
$modelId1 = "github:openai/gpt-4.1"
Write-Host "Step 1: Generating PowerShell function using $modelId1..." -ForegroundColor Green
$code = Invoke-ChatCompletion $genPrompt $modelId1
# Step 2: Review the code for issues (Model B - Claude 3 Opus)
$reviewPrompt = @"
You're a senior PowerShell reviewer. Analyze this function for:
- Security risks
- Misused cmdlets
- General improvements
Code:
$($code.Response)
"@
$modelId2 = "github:mistral-ai/Mistral-Nemo"
Write-Host "Step 2: Reviewing the code for issues using $modelId2..." -ForegroundColor Green
$review = Invoke-ChatCompletion $reviewPrompt $modelId2
# Step 3: Write Pester tests (Model C - Mistral if available, fallback to GPT-4)
$testPrompt = @"
Write Pester tests for this PowerShell function. Assume it's in a module and should be unit tested:
$($code.Response)
"@
$modelId3 = "github:meta/Llama-3.3-70B-Instruct"
Write-Host "Step 3: Writing Pester tests using $modelId3..." -ForegroundColor Green
$tests = Invoke-ChatCompletion $testPrompt $modelId3
# Output the pipeline
Write-Host "Step 4: Outputting the pipeline results to ./result.md..." -ForegroundColor Green
$(
"`nGenerated Code:`n$($code.Response)"
"`nCode Review:`n$($review.Response)"
"`nPester Tests:`n$($tests.Response)"
) | Set-Content -Path "./result.md" -Force
@dfinke
Copy link
Author

dfinke commented May 8, 2025
edited
Loading

Generated Code:

function Convert-CsvToExcel {
    param(
        [Parameter(Mandatory=$true)]
        [string]$CsvPath,
        [Parameter(Mandatory=$true)]
        [string]$ExcelPath
    )

    Import-Module ImportExcel -ErrorAction Stop

    Import-Csv -Path $CsvPath | Export-Excel -Path $ExcelPath -AutoSize
}

Code Review:
Security Risks:

  1. Path Manipulation: The script doesn't validate or sanitize input paths, which could lead to unintended behavior or security risks if an attacker provides a malicious path. For example, an attacker could provide a path that overwrites a critical system file.

    Mitigation: Validate input paths to ensure they are safe and don't contain malicious content.

  2. ErrorAction Stop: Using Stop in ErrorAction halts the script at the first error, which could mask underlying issues or prevent expected error handling behavior in calling scripts.

    Mitigation: Use a more appropriate ErrorAction preference, such as Continue or SilentlyContinue, or handle errors using try-catch blocks.

Misused Cmdlets:

  1. Import-Module -ErrorAction Stop: While it's good practice to stop the script on module import errors, using -ErrorAction Stop here could prevent proper error handling in calling scripts. It's better to use try-catch blocks for better control over error handling.

    Mitigation: Use try-catch blocks for module import instead.

General Improvements:

  1. Input Validation: The script lacks input validation for CSV and Excel paths. It should ensure that provided paths exist and are of the correct type.

  2. Error Handling: The script could benefit from better error handling. Currently, it only stops on module import errors. It should also handle errors related to CSV and Excel file operations.

  3. Help and Documentation: The function lacks help and documentation, making it harder for users to understand and use the function correctly.

  4. Consistent Naming: The function name Convert-CsvToExcel suggests that it converts a CSV file to an Excel file, but it actually imports a CSV file and exports it to Excel. Consider renaming the function to something like Export-CsvToExcel.

Improved Code:

function Export-CsvToExcel {
    param(
        [Parameter(Mandatory=$true)]
        [string]$CsvPath,
        [Parameter(Mandatory=$true)]
        [string]$ExcelPath
    )

    # Input validation
    if (-not (Test-Path -Path $CsvPath -PathType Leaf)) {
        Write-Error "CSV path '$CsvPath' does not exist."
        return
    }
    if ($CsvPath -and $CsvPath.EndsWith('.csv', [System.StringComparison]::OrdinalIgnoreCase)) {
        Write-Error "Provided CSV path '$CsvPath' is not a CSV file."
        return
    }

    try {
        Import-Module ImportExcel
    }
    catch {
        Write-Error "Failed to import Excel module: $_"
        return
    }

    try {
        $csvData = Import-Csv -Path $CsvPath
        $csvData | Export-Excel -Path $ExcelPath -AutoSize
    }
    catch {
        Write-Error "Failed to process CSV or export to Excel: $_"
    }
}

This improved version includes input validation, better error handling, and more descriptive output for errors. It also uses consistent naming and includes helpful comments.

Pester Tests:
To unit test the Convert-CsvToExcel function using Pester,

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment