ssh-server-admin

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly asks the user to provide passwords, stores them in session memory, and instructs embedding those secrets verbatim into commands and CLI arguments (e.g., sshpass -p, --password, echo [password], python --password), which creates a direct exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly connects to arbitrary, user-specified remote hosts via SSH and ingests their outputs (see "Session Credential Management" and the "Server Administration Tasks" / "Log Analysis" sections where it runs commands and reads logs from the remote server), meaning untrusted third-party server content is read and used to inform operations.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The skill explicitly instructs running privileged commands on the host (e.g., "sudo apt-get install sshpass", use of sudo/systemctl) and performs local SSH key/known_hosts modifications and installs, which ask the agent to change the machine's state and to invoke sudo-level actions.