Skills
skills/bastos/skills/proxmox-admin/Gen Agent Trust Hub

proxmox-admin

Warn

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: MEDIUMCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONNO_CODE
Full Analysis
  • [CREDENTIALS_UNSAFE]: The documentation includes provisioning examples with hardcoded password parameters (e.g., --cipassword 'secret' and --password 'secret'), which may lead to insecure configurations if implemented without modification.
  • [EXTERNAL_DOWNLOADS]: The skill instructs the use of wget to fetch ISO images and cloud images from external domains, including placeholder examples such as example.com.
  • [COMMAND_EXECUTION]: The skill is primarily focused on executing high-privilege Proxmox administration commands (qm, pct, pvesm, pvecm, vzdump) that manage critical host virtualization resources and cluster configurations.
  • [DATA_EXFILTRATION]: The skill facilitates access to sensitive host security files, specifically instructing the agent to read ~/.ssh/authorized_keys for VM cloud-init configuration.
  • [NO_CODE]: The skill contains no executable scripts (Python, JavaScript, or Shell) and consists entirely of instructional markdown content.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 25, 2026, 10:05 PM