Server

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only server administration skill, but some Docker examples should be secured before being copied into production.

Install only if you want server-administration guidance. Review every command before running it on a live host, replace example passwords, protect secrets with an ignored `.env`, Docker secrets, or a secret manager, remove or secure Traefik’s insecure dashboard/API flag, and be careful with persistent services and Docker volume deletion.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 92% confidence
Finding: The compose examples embed database credentials directly in environment variables using obvious placeholder-but-realistic values like `user:pass` and `changeme` without warning readers not to copy them into production or store secrets in versioned compose files. In a server/deployment skill, users may reuse these patterns verbatim, leading to credential disclosure, weak default secrets, and accidental exposure through source control, logs, or process inspection.

Missing User Warnings

High

Confidence: 98% confidence
Finding: The Traefik example enables `--api.insecure=true`, which exposes the admin/dashboard API without authentication safeguards unless separately constrained. In a public-facing reverse proxy example, this is especially dangerous because users may deploy it internet-accessible, exposing routing details and administrative functionality to attackers.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal