Proxmox Full

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate Proxmox administration helper, but it gives an agent broad infrastructure control and includes destructive commands without enough safeguards.

Install only if you want an agent to help administer Proxmox. Before use, create a dedicated least-privilege token scoped to the specific nodes, pools, or VMs needed, keep privilege separation enabled where possible, avoid using -k once certificates are trusted, and require explicit human confirmation before stop, rollback, delete, purge, restore, clone, or template operations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill documents irreversible deletion and purge operations for VMs and containers without any confirmation, warning, or safety guidance. In an agent context, exposing these commands as ready-to-run examples materially increases the risk of accidental destructive actions against production infrastructure.

Missing User Warnings

Medium
Confidence: 96%
Finding
The setup section includes a live-looking API token format and instructs users to export it directly into the shell environment without guidance on secret hygiene. This encourages insecure handling of privileged Proxmox credentials, which may leak via shell history, logs, screenshots, process environments, or copied skill content.

VirusTotal

64/64 vendors flagged this skill as clean.
