vps-security-hardening

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The script harden-vps.sh executes a wide range of system-level commands on a remote VPS via SSH. These include modifying /etc/ssh/sshd_config, creating new sudo users with useradd, configuring firewall rules with ufw, and restarting system services.
  • [CREDENTIALS_UNSAFE]: The skill's documentation and script usage instructions require the user to provide the VPS root password and a new user password as plaintext command-line arguments (e.g., --root-pass <PASSWORD>). This can expose credentials in the local machine's shell history or process list.
  • [EXTERNAL_DOWNLOADS]: The skill automates the installation of security tools (ufw, fail2ban, sudo) using the system's package manager (apt). These downloads originate from official operating system repositories.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 22, 2026, 07:38 AM