initial-traefik

Security checks across malware telemetry and agentic risk

Overview

This Traefik setup skill is coherent, but its default templates can expose an unauthenticated Traefik dashboard/API on a running reverse proxy.

Review before installing or copying these templates. Use only on a trusted private network unless you first remove --api.insecure=true, protect the dashboard/API with authentication and preferably HTTPS, restrict access by IP/VPN or localhost, and understand that the Traefik container will keep running with Docker socket visibility.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

High
Confidence: 99%
Finding
The compose file explicitly enables Traefik's dashboard and API and sets `--api.insecure=true`, which exposes an administrative interface without authentication. In a reverse proxy intended for routing setup, this materially increases attack surface and can disclose configuration, routes, services, and operational details that assist further compromise.

Context-Inappropriate Capability

High
Confidence: 93%
Finding
Mounting `/var/run/docker.sock` gives the container visibility into the Docker daemon and, depending on surrounding controls, can expose sensitive metadata about running containers and become a stepping stone to host-level compromise if Traefik or the container is breached. Although Traefik commonly uses the Docker provider, this is still a high-value capability that should be treated as dangerous and minimized.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill explicitly enables Traefik's API/dashboard and Prometheus metrics while exposing HTTP entrypoints on ports 80/443, but it does not document any authentication, IP allowlisting, TLS hardening, or other access controls. This can expose sensitive routing, service, and operational metadata to anyone who can reach the proxy, increasing attack surface and aiding reconnaissance or administrative misuse.

Missing User Warnings

Medium
Confidence: 96%
Finding
This example exposes Traefik's internal dashboard/API on an HTTP router without any authentication, IP restriction, or warning that it should not be used as-is on untrusted networks. In a setup skill meant to help users deploy reverse proxies, readers may copy this configuration directly, which can lead to information disclosure about routes/services and unnecessary expansion of the attack surface.

Missing User Warnings

Medium
Confidence: 96%
Finding
The documentation explicitly enables `--api.insecure=true`, which exposes the Traefik dashboard/API without authentication or other protection. Although the comment says 'for dev only,' the access example is broad and there is no strong warning, making it likely users will deploy this insecurely and leak routing, service, and operational metadata or allow unauthorized administrative access depending on configuration.

VirusTotal

66/66 vendors flagged this skill as clean.
