ClawHub

Proxmox Backup Server Manager

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Proxmox backup-management skill that needs infrastructure credentials and can make system backup changes, but the behavior matches its purpose.

Install only if you want an agent to help administer Proxmox/PBS backups. Review every apt, mount, fstab, SSH, pvesm, and bulk-backup action before approving it; use least-privilege Proxmox/PBS/NAS accounts, enable TLS verification when possible, and protect or rotate any credentials stored under ~/.openclaw/credentials.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Natural-Language Policy Violations

Medium
Confidence
97% confidence
Finding
The skill instructs users to pass passwords and API tokens through chat while asserting they are not stored in logs or memory, which is a natural-language guarantee the skill cannot technically enforce from this document alone. This creates a real risk of secret exposure through chat retention, model providers, transcripts, debugging logs, or downstream tooling.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The guide instructs users to persist SMB credentials in /root/.smbcreds and append mount configuration to /etc/fstab without any warning about secret handling, file ownership, backup exposure, or the operational risk of persistent boot-time mounts. This can lead to credential leakage, unintended reuse of highly privileged storage credentials, and system availability issues if a bad fstab entry prevents clean boot or delays startup.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The guide tells users to configure PBS storage with username root@pam and a root password, but does not warn about the risks of sharing, storing, or automating privileged credentials. Using root credentials for routine integration increases blast radius if the password is exposed through command history, configs, screenshots, logs, or agent handling.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
If the script is invoked without a VMID, it automatically starts backups for every configured target. In an agent skill context, missing or malformed arguments can happen easily, so a simple invocation mistake can trigger broad backup jobs across multiple systems, consuming storage, I/O, and backup windows unexpectedly.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal