Ubuntu Ollama

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Ollama fleet setup guide, but it asks users to install remote software, run persistent services, and expose a network endpoint with limited safety guidance.

Install only if you are comfortable administering an Ubuntu host. Review the Ollama installer and ollama-herd package first, pin versions where possible, run services under a dedicated low-privilege user, and restrict port 11435 to trusted hosts or a VPN. Do not expose the dashboard or inference API broadly without authentication and TLS.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Rogue Agent: Self-Modification, Session Persistence
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (6)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill provides systemd unit creation and service enablement instructions that make the software start automatically at boot, but it does not clearly warn the user that this creates persistent system changes. In a skill context, that omission can cause users to enable long-lived background services without understanding operational, security, or rollback implications.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The firewall section instructs users to open TCP port 11435 without explicitly stating that this exposes the service to other hosts on the network. That omission is risky because the skill also describes routing, dashboards, and APIs that may become reachable beyond localhost once the firewall is opened.

Session Persistence

Medium
Category
Rogue Agent
Content
```bash
WantedBy=multi-user.target
EOF

sudo systemctl enable --now herd-router
sudo systemctl enable --now herd-node
```
Confidence
93% confidence
Finding
systemctl enable

Session Persistence

Medium
Category
Rogue Agent
Content
```bash
EOF

sudo systemctl enable --now herd-router
sudo systemctl enable --now herd-node
```

## Use Ubuntu Ollama
Confidence
93% confidence
Finding
systemctl enable

External Script Fetching

High
Category
Supply Chain
Content
```bash
# Install Ollama on Ubuntu
curl -fsSL https://ollama.ai/install.sh | sh

# Verify Ollama is running on Ubuntu
ollama --version
```
Confidence
99% confidence
Finding
curl -fsSL https://ollama.ai/install.sh | sh

Chaining Abuse

High
Category
Tool Misuse
Content
```bash
# Install Ollama on Ubuntu
curl -fsSL https://ollama.ai/install.sh | sh

# Verify Ollama is running on Ubuntu
ollama --version
```
Confidence
98% confidence
Finding
| sh

VirusTotal

66/66 vendors flagged this skill as clean.
