zeabur-server-ssh

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs the agent to obtain and then embed plaintext SSH passwords into commands or code (e.g., sshpass -p '' and connect({... password:''}')), which requires the LLM to handle and output secret values verbatim, creating an exfiltration risk.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill explicitly requires running "npx zeabur@latest", which fetches and executes the Zeabur package from the npm registry (e.g. https://www.npmjs.com/package/zeabur), so it is a runtime external dependency that executes remote code.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs the agent to SSH into servers using provided credentials, use sudo (e.g., "sudo kubectl") including commands that modify cluster state (exec into containers, rollout restart), and even recommends disabling host key checking, which requests elevated privileges and bypasses security—so it pushes actions that can change the machine's state.