cliproxy-newapi-stack
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill makes extensive use of shell commands and SSH to interact with a remote VPS. Scripts such as
deploy_newapi.sh,topup.sh, andverify_stack.shexecute remote logic to install Docker, manage services, and query database states. These operations are essential for the skill's deployment goals. - [REMOTE_CODE_EXECUTION]: The script
scripts/set_pricing.pyemploys a dynamic code generation pattern where a Python heredoc is constructed locally and piped topython3on the remote server via SSH. This mechanism is used to perform structured updates on the NewAPI SQLite database. Input safety is maintained through strict regex-based validation of parameters in thevalidation.shlibrary. - [COMMAND_EXECUTION]: The troubleshooting documentation in
references/troubleshooting.mdprovides instructions for manual process termination (e.g., usingkill <pid>) to resolve port conflicts. This is a standard system administration procedure and is documented as a manual user action rather than an automated malicious behavior.
Audit Metadata