server-log-analysis

This skill appears to do what it says (SSH -> read config.yaml -> fetch logs -> analyze), but review and harden before use. What to check before installing or running: - Inspect config.yaml immediately. It contains a connection example with username: 'root' and password: 'password'. Replace any plaintext passwords with references to environment variables or a secrets manager, or remove the credentials entirely. - Prefer SSH key-based auth and point the skill at a non-root, least-privilege account. Ensure SKILL.md's suggested auth mechanism (env var or key file) is actually used instead of embedded secrets. - Confirm local_temp_dir and preserve_downloads behavior. If you don't want logs persisted, set preserve_downloads: false and ensure temp/ is cleared after analysis. - Limit scope in config.yaml (allowed hosts, explicit log paths) so the agent cannot be pointed at arbitrary files/hosts. Use explicit allowlists where possible. - Validate who published this skill (source unknown, no homepage). If you cannot verify the author, avoid giving it broad SSH access to production systems. - Consider running manual, audited SSH commands yourself for sensitive systems rather than allowing an automated agent to fetch logs until you trust the skill and configuration. Why the verdict is 'suspicious': the skill is coherent, but the bundled configuration includes insecure defaults and sensitive information in plaintext; that mismatch with the documentation and the potential to download sensitive logs raise concern. Additional information that would raise confidence to 'high': a cleaned config.yaml without plaintext secrets, clear runtime control over which hosts/files can be accessed, and provenance of the skill (trusted publisher or repo).