When invoking Powershell directly by invoking PWSH.EXE, it accepts an -ExecutionPolicy parameter for essentially a "one time/this-instance-only" invocation with something other than the policy default for that context.

I infer, but cannot confirm, that invoking this parameter requires the caller to have local administrative access. I have not been able to confirm or refute this by looking at PWSH documentation from MS. I make this inference that it would be a trivial bypass of the entire -ExecutionPolicy concept to allow a non-privileged account to run a script that sets this parameter arbitrarily, then fire a script that causes all kinds of mayhem. But I have found nothing in MS docs stating the rules either way.

When invoking Powershell directly by invoking PWSH.EXE, it accepts an -ExecutionPolicy parameter for essentially a "one time/this-instance-only" invocation with something other than the policy default for that context.

I infer, but cannot confirm, that invoking this parameter requires the caller to have local administrative access. I have not been able to confirm or refute this by looking at PWSH documentation from MS. I make this inference that it would be a trivial bypass of the entire -ExecutionPolicy concept to allow a non-privileged account to run a script that sets this parameter arbitrarily, then fire a script that causes all kinds of mayhem. But I have found nothing in MS docs stating the rules either way.

To Clarify: This question inquires as to the permissions of the calling process contest that invokes PWSH with the -ExecutionPolicy option.