Self-Hosting Mastery

Security checks across malware telemetry and agentic risk

Overview

This is a self-hosting instruction guide with powerful but visible server-administration examples that match its stated purpose.

Installing it is reasonable if you want a homelab/self-hosting playbook. Before letting an agent run commands from it, confirm the target host, inspect remote installer scripts, back up configs, and require explicit approval for commands that install software, edit /etc, change firewall rules, expose services, prune Docker data, mount the Docker socket, delete old backups, or reboot/update a server.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 79%
Finding
The backup script stops services and deletes old archives with `find ... -delete`, but the safety implications are not prominently called out. In an agent or copy-paste context, users could interrupt production services or delete backups without understanding retention, path, and consistency risks.

VirusTotal

65/65 vendors flagged this skill as clean.