hetzner-server

Fail

Audited by Socket on Mar 18, 2026

1 alert found:

Malware
MalwareHIGH
SKILL.md

Overall this skill is mostly coherent with Hetzner server administration and uses official service flows, so it does not look malicious. The main concern is the optional bootstrap path that runs an unpinned personal raw GitHub installer as root via cloud-init, plus optional SSH agent forwarding; these make it medium risk rather than fully benign.

Confidence: 84%Severity: 52%
Audit Metadata
Analyzed At
Mar 18, 2026, 04:51 PM
Package URL
pkg:socket/skills-sh/connorads%2Fdotfiles%2Fhetzner-server%2F@7c09fa7c7f39034d2d2bd699fe15e9bab718a85a
Security Audit — socket — hetzner-server