I've put together a safer script execution extension for osquery across macOS, Linux, and Windows and am hoping to publish it, but I'm looking for others that might be interested in vetting it. Bash, Python, PowerShell, etc.
Features
• Execute scripts using select or insert statements across deployment
• Use a CDN or similar style method for hosting content to be used in queries
• Secured pipeline that only executes approved signed content
• Cache scripts so they don't have to be pulled constantly
• Allows arguments to be passed at query time
• TBD: internal execution of scripts to avoid the process chain problem. Currently testing internal PowerShell execution
If it's of interest, reach out. Happy to share the code, but I just ask for feedback.