Back to skill

Security audit

Proxmox

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it helps manage a user-configured Proxmox cluster, but it can run disruptive infrastructure actions if given powerful credentials.

Install only if you want an agent to help manage Proxmox. Use a dedicated least-privilege API token, protect ~/.proxmox-credentials with strict permissions, avoid placing secrets in shared shells or logs, prefer valid TLS certificates over curl -k when possible, and require explicit confirmation before stop, reboot, rollback, delete, backup, or other disruptive operations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue AgentSelf-Modification, Session Persistence
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
86% confidence
Finding
The skill clearly instructs use of shell commands (`curl`, `source`, helper scripts) but does not declare corresponding permissions or operational safeguards. That mismatch is risky because an agent may be able to execute infrastructure-management actions without explicit capability scoping or user awareness.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
This section documents start/stop/shutdown/reboot, snapshot rollback, and delete operations without warning about service interruption, data loss, or the need for operator confirmation. In an automation context, these are high-risk actions against production infrastructure and could cause outages or irreversible rollback if invoked casually.

Missing User Warnings

Low
Confidence
83% confidence
Finding
Starting backups is a live infrastructure action that can consume storage, I/O, and compute resources, but the skill presents it as a routine command without cautionary guidance. In clustered environments, this can degrade performance or create retention/storage issues if triggered unexpectedly or repeatedly.

Session Persistence

Medium
Category
Rogue Agent
Content
---
name: proxmox
description: Manage Proxmox VE clusters via REST API. Use when user asks to list, start, stop, restart VMs or LXC containers, check node status, create snapshots, view tasks, or manage Proxmox infrastructure. Requires API token or credentials configured.
---

# Proxmox VE Management
Confidence
89% confidence
Finding
create snapshots, view tasks, or manage Proxmox infrastructure. Requires API token or credentials configured. --- # Proxmox VE Management ## Configuration Set environment variables or store in `~/.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.