Ubuntu Ai

Security checks across malware telemetry and agentic risk

Overview

The skill appears aligned with building a local Ubuntu AI service, but its setup opens a network port and creates persistent privileged services without enough safety guidance.

Review the upstream installer and pip package before running the quick start. Keep port 11435 bound to localhost unless you intentionally need LAN access, and if remote access is needed, restrict source IPs and add authentication/TLS or a hardened reverse proxy. Treat the systemd and firewall steps as persistent machine changes and plan how to undo them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 89%
Finding
The skill instructs users to expose a locally hosted AI service and explicitly open TCP port 11435 via UFW, but it does not warn that this may make the service reachable from other hosts on the network. If the service lacks authentication or is not intended for untrusted access, this can enable unauthorized use, information disclosure, or abuse of attached compute resources.

VirusTotal

VirusTotal findings are pending for this skill version.
