Skills
skills/aradotso/mcp-skills/linux-mcp-server-administration/Gen Agent Trust Hub

linux-mcp-server-administration

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Risk.
  • Ingestion points: SKILL.md (via read_journal, read_log_file, and search_logs tools).
  • Boundary markers: Absent.
  • Capability inventory: Shell command execution via SSH (e.g., systemctl, journalctl, uname, ps).
  • Sanitization: Absent.
  • Analysis: The skill reads system logs which often contain untrusted data (e.g., failed SSH login attempts or application logs). Attackers can log malicious strings that may be interpreted as instructions by the agent when these logs are processed.
  • [COMMAND_EXECUTION]: Executes standard Linux diagnostic commands via shell.
  • Evidence: The skill wraps various CLI utilities including systemctl status, journalctl, ps, ss, and df for system monitoring.
  • [EXTERNAL_DOWNLOADS]: Fetches software packages from external repositories.
  • Evidence: Installation instructions involve pip install linux-mcp-server and git clone https://github.com/rhel-lightspeed/linux-mcp-server.git.
  • [DATA_EXFILTRATION]: Accesses sensitive system information and logs.
  • Evidence: The skill enables reading of /var/log/secure and /var/log/audit/audit.log, which contain security-critical events and potentially sensitive user metadata.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 01:49 PM
Security Audit — agent-trust-hub — linux-mcp-server-administration