Linux Ai Server

Security checks across malware telemetry and agentic risk

Overview

This is a coherent setup guide for a Linux AI inference server, but users should lock down the exposed network API and dashboard before using it.

Before installing, review the remote install script and PyPI package, test on a noncritical machine, and do not expose port 11435 or the dashboard to untrusted networks. Prefer localhost or private-network binding, firewall source restrictions, VPN or SSH tunneling, and authentication/TLS through a trusted proxy if remote access is needed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 83% confidence
Finding: This section instructs users to open port 11435 and access the dashboard/API from anywhere on the network, but it does not warn about authentication, network trust boundaries, or restricting exposure to trusted hosts. Exposing inference, traces, health, and dashboard endpoints on a LAN or broader network can leak prompts, metadata, and operational details or permit unauthorized use.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal