Invoke-Obfuscation Via Stdin

Sigma Rules

Summary
This detection rule identifies obfuscated PowerShell commands that are invoked via standard input (stdin) in Windows scripting environments. It fires on command lines that contain a 'set' command, which indicates a possible attempt to manipulate the environment or to execute obfuscated scripts that would otherwise evade detection. The regex pattern specifically looks for two 'set' commands joined by '&&', followed by indicators of environment manipulation or invocation of external commands (such as references to environment variables or script input). Such behaviour is commonly associated with the defense-evasion techniques malware authors use to hide their intent. The rule is rated high severity because a successful detection can prevent significant breaches that rely on evading security measures. It targets Windows process creation logs and is intended to help security teams mitigate the risks of script-based attacks.
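As an added example (not the catalog's or the rule's own code), the following Python harness applies a regex that approximates the summary's description to a few constructed process-creation events, showing one hit and two benign command lines that also use 'set' and '&&' but do not trigger. The pattern OBFUSCATED_STDIN_RE and the sample events are assumptions, since the page does not print the rule's actual regex.

```python
import re

# Assumed approximation of the rule's regex, reconstructed from the summary:
# two 'set' commands joined by '&&', then an environment/invoke/input
# reference, then a powershell invocation. The page does not show the real
# pattern, so treat this as a stand-in rather than the rule itself.
OBFUSCATED_STDIN_RE = re.compile(
    r"(?i)set.*&&\s*set.*(environment|invoke|\$?input).*&&\s*powershell"
)

# Constructed sample process-creation events (field names mirror Sigma's
# process_creation logsource; the values are made up for this example).
SAMPLE_EVENTS = [
    # Two 'set' commands, a $input reference, then powershell: should alert.
    {"EventID": 4688, "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r'cmd /c "set x=Write-Host hi&&set y=$input&&powershell -nop -"'},
    # Two 'set' commands joined by '&&', but no environment/invoke/input
    # keyword and no powershell afterwards: ordinary build script, no alert.
    {"EventID": 4688, "Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r'cmd /c "set PATH=C:\tools;%PATH%&&set LOG=1&&build.bat"'},
    # Plain scheduled-task style PowerShell run with no 'set' at all: no alert.
    {"EventID": 4688,
     "Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": r"powershell -NoProfile -File C:\scripts\inventory.ps1"},
]


def matches_rule(event):
    """Return True if the event's CommandLine satisfies the stdin-obfuscation pattern."""
    return bool(OBFUSCATED_STDIN_RE.search(event.get("CommandLine", "")))


def find_hits(events):
    """Return the CommandLine of every event the rule would alert on."""
    return [e["CommandLine"] for e in events if matches_rule(e)]


if __name__ == "__main__":
    for cmd in find_hits(SAMPLE_EVENTS):
        print("ALERT (high): Invoke-Obfuscation via stdin ->", cmd)
```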
Categories
  • Endpoint
  • Windows
Data Sources
  • Process
Created: 2020-10-12