Skills
skills/diegosouzapw/awesome-omni-skill/ssh-server-admin/Gen Agent Trust Hub

ssh-server-admin

Warn

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill instructs the agent to pass user passwords as plaintext arguments in shell commands (e.g., sshpass -p '[password]' and python scripts/ssh_helper.py --password [password]). This is a security risk as passwords become visible in the system's process list (e.g., via ps or top commands).
  • [COMMAND_EXECUTION]: The skill dynamically constructs and executes shell commands for SSH connectivity, remote administration (systemctl, journalctl), and file transfers (SCP/SFTP) based on user-provided input.
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of external dependencies, including the Python library paramiko via pip and the sshpass utility via system package managers (apt, brew, yum).
  • [COMMAND_EXECUTION]: The skill relies on a local script scripts/ssh_helper.py which is not provided in the source files, making its internal logic and safety unverified.
  • [CREDENTIALS_UNSAFE]: Use of -o StrictHostKeyChecking=accept-new automatically trusts new host keys, which provides convenience but reduces protection against Man-in-the-Middle (MitM) attacks during the initial connection.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 9, 2026, 11:48 AM
Security Audit — agent-trust-hub — ssh-server-admin