Back to skill

Security audit

Pi-hole Control

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Pi-hole control skill, but it needs review because it can disable network-wide blocking and has under-disclosed credential and transport risks.

Install only if you are comfortable giving the agent control over your Pi-hole for the whole network. Use HTTPS with certificate validation, avoid insecure: true except on a trusted local setup, treat off/disable commands carefully, and rotate the Pi-hole app password if you tested over HTTP or with certificate checks disabled.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Tool MisuseTool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The document endorses an `insecure: true` mode that disables TLS certificate validation via curl `-k`, but it does not prominently warn that this enables man-in-the-middle interception and spoofing of the Pi-hole endpoint. In this context, that can expose API credentials/session tokens and allow an attacker on the network path to tamper with DNS-blocking commands or returned query data.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill explicitly documents commands to disable Pi-hole blocking but does not warn that this turns off network-wide DNS-based ad and malware blocking for all clients using that resolver. In a home or small-office environment, an agent user could disable a meaningful protective control without understanding the broader security and privacy impact.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation recommends `insecure: true` for self-signed or local certificates and notes that it adds `-k` to curl, but it does not prominently warn that this disables TLS certificate validation. That exposes API authentication and control traffic to man-in-the-middle attacks on the local network, especially because the skill can authenticate and change Pi-hole blocking state.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script sends the Pi-hole API token over the network in a JSON body and allows certificate validation to be disabled via PIHOLE_INSECURE=true. If the URL uses HTTP or TLS verification is bypassed, an attacker on the network could intercept credentials or impersonate the Pi-hole server and capture the token.

External Transmission

Medium
Category
Data Exfiltration
Content
exit 1
fi

# Build curl flags based on insecure setting
CURL_FLAGS="-s --fail --max-time 30"
if [[ "$PIHOLE_INSECURE" == "true" ]]; then
    CURL_FLAGS="$CURL_FLAGS -k"
Confidence
90% confidence
Finding
curl flags based on insecure setting CURL_FLAGS="-s --fail --max-time 30" if [[ "$PIHOLE_INSECURE" == "true" ]]; then CURL_FLAGS="$CURL_FLAGS -k" fi # Validate numeric input validate_number() {

Tool Parameter Abuse

High
Category
Tool Misuse
Content
exit 1
fi

# Build curl flags based on insecure setting
CURL_FLAGS="-s --fail --max-time 30"
if [[ "$PIHOLE_INSECURE" == "true" ]]; then
    CURL_FLAGS="$CURL_FLAGS -k"
Confidence
96% confidence
Finding
curl flags based on insecure setting CURL_FLAGS="-s --fail --max-time 30" if [[ "$PIHOLE_INSECURE" == "true" ]]; then CURL_FLAGS="$CURL_FLAGS -k

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.