Back to skill

Security audit

Teslamate Deploy

Security checks across malware telemetry and agentic risk

Overview

The skill appears aimed at deploying TeslaMate, but it asks the agent to run high-impact deployment scripts that are not actually included in the submitted artifact.

Review this skill before installing. Confirm the missing scripts and docker-compose.yml from the original source, inspect them directly, and avoid running it on a sensitive host until the package includes the files it claims to execute. If used, prefer a private working directory, change all default credentials and encryption keys, and firewall ports 3000, 4000, and 1883.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Rogue AgentSelf-Modification, Session Persistence
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Sudo/Root Execution

Medium
Category
Privilege Escalation
Content
sudo docker compose ps

# 看 TeslaMate 实时日志
sudo docker compose logs -f teslamate

# 改默认密码 / 加密密钥
cd ~/teslamate    # 远程是 /home/$ssh_user/teslamate
Confidence
83% confidence
Finding
sudo

Session Persistence

Medium
Category
Rogue Agent
Content
SKILL_DIR="$HOME/.workbuddy/skills/teslamate-deploy"
# 临时拷贝到 ~/teslamate-deploy 一起执行 (install 脚本需要 docker-compose.yml 在同目录)
WORK=/tmp/teslamate-deploy-$USER
rm -rf "$WORK" && mkdir -p "$WORK"
cp "$SKILL_DIR/scripts/"{deploy-setup.sh,install-teslamate.sh,docker-compose.yml} "$WORK/"
chmod +x "$WORK/deploy-setup.sh" "$WORK/install-teslamate.sh"
cd "$WORK"
Confidence
91% confidence
Finding
mkdir -p "$WORK" cp "$SKILL_DIR/scripts/"{deploy-setup.sh,install-teslamate.sh,docker-compose.yml} "$WORK/" chmod +x "$WORK/deploy-setup.sh" "$WORK/install-teslamate.sh" cd "$WORK" ./deploy-setup.sh $

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.