If you have ever downloaded a PowerShell script from the internet (via email, a browser, or Teams/Slack) and tried to run it, you have likely encountered a cryptic error message: "File cannot be loaded because running scripts is disabled on this system." Or, more specifically: "File X.ps1 is not digitally signed. You cannot run this script on the current system." While the execution policy ( Set-ExecutionPolicy ) is often the first suspect, the real culprit in many cases is the Windows Mark of the Web and PowerShell's security feature designed to handle it: the Unblock-File cmdlet. The Problem: The "Mark of the Web" When you download a file from the internet, Windows attaches an invisible identifier to it called the Mark of the Web (MOTW) . This is an alternate data stream (Zone.Identifier) that tells Windows, "This file came from an untrusted zone (the internet)."
Unblock-File -Path .\*.ps1 -WhatIf Output: powershell unblock-file
Get-ChildItem -Path "C:\Scripts" -Recurse -File | Unblock-File This command finds all files recursively in C:\Scripts and unblocks them all at once. Because Unblock-File accepts pipeline input, you can combine it with Get-ChildItem or Get-Item : If you have ever downloaded a PowerShell script
When PowerShell sees this mark on a script ( .ps1 ), module ( .psm1 ), or configuration file ( .psd1 ), it refuses to execute it by default. This is a , not a bug. It prevents malicious scripts from running automatically. This is an alternate data stream (Zone