Security audit

Teamgram Server Architecture

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only Teamgram architecture and deployment guide, but some sample deployment credentials must not be reused in production.

Treat this skill as a reference, not a production-ready deployment manifest. Before using its examples, replace all sample passwords, remove weak defaults, avoid root database credentials where possible, pin container image versions, restrict exposed ports, secure backups, and review the final configuration against official Teamgram and infrastructure security guidance.

SkillSpector

By NVIDIA

Vulnerability Patterns

Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Credential Access

High

Category: Privilege Escalation
Content: mysql: image: mysql:8.0 environment: # ⚠️ 生产环境：使用强密码，通过 .env 文件或 secrets 注入 MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD:-changeme} MYSQL_DATABASE: teamgram volumes:
Confidence: 95% confidence
Finding: .env

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.