Back to skill

Security audit

Proxmox Wazuh Enroll

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Wazuh enrollment helper, but users should review it because one install example can expose the Wazuh registration password while running privileged VM commands.

Use this only for intentional Wazuh agent deployment on confirmed VM IDs during an approved change window. Do not paste the registration password into chat or command examples; prefer a verified stdin wrapper or the authd.pass alternative with prompt deletion, and treat Proxmox API tokens and QGA execution as full administrative access to the target VM.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence
96% confidence
Finding
The documented primary install command passes the Wazuh registration password as an MSI property on the command line, which can expose the secret through process listings, guest-agent logs, shell history, audit telemetry, or Proxmox task/API traces. Although surrounding text warns not to do this, operators commonly copy the main example verbatim, so the example itself materially increases the chance of credential disclosure.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly instructs operators to execute commands in the guest as `NT AUTHORITY\SYSTEM`, but it does not prominently warn that this is full local privilege inside the Windows VM and can change system state, install software, or break the guest if misused. In this context the behavior is intentional for deployment, but the missing privilege/safety warning increases the chance of unsafe or accidental high-impact actions by users.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.