Hetzner Cloud CLI

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a straightforward Hetzner Cloud CLI helper, but it handles powerful cloud actions and sensitive API credentials.

Install only if you intend to let the agent manage Hetzner Cloud resources. Use a narrowly scoped API token where possible, protect the hcloud config file, and require explicit confirmation before any delete, rebuild, or production-impacting command.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The skill documents destructive infrastructure operations such as deleting servers and other cloud resources without any warning about irreversibility, production impact, or confirmation safeguards. In an agent skill context, this increases the risk that an operator or autonomous workflow may execute a deletion command casually and cause outages or permanent data loss.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill instructs users to place a Hetzner API token directly into a persistent plaintext config file without highlighting that the token is highly sensitive. Even with restrictive file permissions, this pattern normalizes long-lived credential storage and can lead to accidental disclosure through logs, shell history, backups, screenshots, or compromised local accounts.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal