Pve Automation

Security checks across static analysis, malware telemetry, and agentic risk

Overview

The skill's behaviour is consistent with Proxmox automation, but it needs privileged PVE API credentials, disables TLS certificate checks, and can perform disruptive VM/container actions.

Install only if you understand the Proxmox environment being controlled. Use a least-privilege API token, avoid root@pam automation tokens, enable proper TLS certificate verification before production use, and require explicit approval for stop, delete, rollback, or other disruptive VM/container actions.

Static analysis

Exposed secret literal

Critical
Finding
File appears to expose a hardcoded API secret or token.

Insecure TLS verification

Warn
Finding
HTTPS certificate verification is disabled.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A mistaken or ambiguous request could stop or remove workloads if the agent uses credentials with enough privilege.

Why it was flagged

The skill documents force-stop and delete operations against Proxmox VMs. These are expected for a PVE automation skill, but they are disruptive infrastructure actions.

Skill content

# Stop VM (force/poweroff)
POST /nodes/{node}/qemu/{vmid}/status/stop

# Delete VM
DELETE /nodes/{node}/qemu/{vmid}

Recommendation

Require explicit user confirmation, exact node/VM/container IDs, and preferably a dry-run or pre-check before stop, delete, rollback, or similar destructive actions.

What this means

Users may not realize before installation that the skill needs high-impact Proxmox API credentials.

Why it was flagged

The registry contract under-declares credential needs even though the README/code use PVE_HOST, PVE_TOKEN_ID, and PVE_SECRET for hypervisor control.

Skill content

Required env vars: none
Env var declarations: none
Primary credential: none

Recommendation

Declare the PVE host and API token requirements in metadata, and recommend least-privilege non-root tokens scoped only to the intended nodes and actions.

What this means

A captured PVE token could allow an attacker to control or disrupt Proxmox VMs, containers, storage, or cluster resources within the token's permissions.

Why it was flagged

The client sends the PVE API token in an Authorization header while TLS certificate verification is disabled, exposing privileged credentials to interception or wrong-endpoint risk on untrusted networks.

Skill content

self.headers = {
    'Authorization': f'PVEAPIToken={self.user}!{self.token_id}={self.token_secret}'
}
...
verify=False,

Recommendation

Enable certificate verification by default, support a CA bundle or an explicit lab-only --no-verify option, and avoid using root@pam tokens for automation.

What this means

Different dependency versions could be installed over time, reducing reproducibility and reviewability.

Why it was flagged

The dependency installation is user-directed and purpose-aligned, but versions are not pinned and there is no install spec or lockfile in the provided artifacts.

Skill content

pip install requests urllib3

Recommendation

Pin dependency versions or provide a reviewed install spec/lockfile.