Homebutler

Security checks across malware telemetry and agentic risk

Overview

Homebutler is a coherent homelab management guide, but it gives agents powerful server and data-changing commands without clear pre-action safeguards for destructive operations.

Install only if you trust the external homebutler CLI and want an agent to administer your homelab. Require the agent to confirm the exact server, app, and scope before actions, and give separate explicit approval before purge, restore, deploy, upgrade, Docker stop/restart, or any --all operation.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill documents `homebutler install purge <app>` as a destructive action that deletes all app data, but the surrounding usage flow does not require an explicit confirmation step or strong pre-execution warning. In an agent setting, this increases the risk of accidental irreversible data loss if the model follows the example or user intent is ambiguous.

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The restore command is presented without a clear warning that restoring from an archive may overwrite or modify existing volumes/files. In an operational automation context, omission of that warning can lead to unintended replacement of live data and service disruption.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal