Proxmox Management

Security checks across malware telemetry and agentic risk

Overview

This skill transparently manages Proxmox infrastructure with a required API token and approval-marked destructive actions, with no evidence of hidden or malicious behavior.

Install only with a dedicated least-privilege Proxmox API token. Prefer VM- or path-specific permissions over cluster-wide '/' access, keep approval prompts enabled, and verify node, VM/container ID, and snapshot name before approving power or rollback/delete actions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 93%
Finding: The skill declares required environment variables containing Proxmox API credentials but does not declare corresponding permissions, creating a capability/permission mismatch. In an agent environment, this can let a skill access sensitive infrastructure secrets without clear permission gating or user visibility, which is especially risky because the skill can perform administrative actions against VMs and containers.

Missing User Warnings

Severity: Medium
Confidence: 88%
Finding: The script exposes destructive operations like rollback_snapshot and delete_snapshot directly from the CLI with no in-script confirmation, dry-run, or explicit danger notice, relying instead on an external approval mechanism. In an agent or automation context, that increases the chance of accidental state loss, service disruption, or rollback to vulnerable/inconsistent VM snapshots if the external control is bypassed, misconfigured, or absent.

VirusTotal

66/66 vendors flagged this skill as clean.
