nas-master

Before installing or running this skill, consider the following: 1) Provenance: The source is unknown and registry metadata conflicts with SKILL.md. Ask the publisher for provenance and an explanation for the metadata mismatch. 2) Credentials in package: The skill bundle includes a .env file with live-looking credentials/paths. Never run code that uses embedded credentials you didn't provision yourself—replace them with placeholders or remove the .env before use. Treat any included passwords as potentially sensitive and verify they are not legitimate production credentials. 3) System writes: The skill instructs writing a PHP dashboard into C:\xampp\htdocs\. That will place files under a webserver root. Only allow this if you explicitly want a dashboard hosted there and you trust the generated content; run in a sandbox/VM first. 4) Network & privilege: The skill needs SMB share access and SSH credentials to the NAS; ensure you supply only least-privilege accounts (read-only where possible) and review the database account (use a dedicated DB user with limited rights). 5) Dependencies & platform: The Python code uses psutil Windows constants and assumes XAMPP paths — test in a controlled Windows environment. Also confirm required Python packages (paramiko, mysql-connector, python-dotenv, psutil) are installed from trusted sources. 6) Safety checks: Validate that the scraper truly runs read-only against your shares and that any generated web files do not unintentionally expose sensitive metadata. Review and run the code in a sandbox (isolated VM or staging network) before granting it access to production NAS or network. If you cannot confirm origin or cannot run it in an isolated environment, do not install or run the skill. If you proceed, replace/remove the bundled .env, use scoped credentials, and inspect/modify the PHP/dashboard generation to ensure it does not leak data publicly.