quip-node-manager
Fail
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFE
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides installation commands that download scripts from an external source and pipe them directly into system interpreters for immediate execution.
- Evidence:
curl -fsSL https://gitlab.com/quip.network/quip-node-manager/-/raw/main/scripts/install.sh | sh(SKILL.md) - Evidence:
irm https://gitlab.com/quip.network/quip-node-manager/-/raw/main/scripts/install.ps1 | iex(SKILL.md) - [COMMAND_EXECUTION]: The backend Rust code uses
std::process::Commandto execute external binaries on the host system, including Docker, nvidia-smi, and certbot. - Evidence: Subprocess calls in
src-tauri/src/docker.rsandsrc-tauri/src/gpu.rsexecutedocker pull,docker run, andnvidia-smi. - [EXTERNAL_DOWNLOADS]: The skill performs runtime downloads of standalone binaries and Docker images from third-party registries.
- Evidence:
pull_imageandrun_node_containerfunctions indocker.rsfetch images from remote registries. - [CREDENTIALS_UNSAFE]: The skill manages sensitive data including node secrets and TLS private keys in local directories, and it references environment variables for API tokens.
- Evidence: References to
~/quip-data/secret,privkey.pem, andDWAVE_TOKENenvironment variable in the configuration schema and data directory documentation. - [COMMAND_EXECUTION]: The documentation suggests executing commands with elevated privileges (sudo) for certificate management.
- Evidence:
sudo certbot certonly --standalone -d your.domain.com(SKILL.md)
Recommendations
- HIGH: Downloads and executes remote code from: https://gitlab.com/quip.network/quip-node-manager/-/raw/main/scripts/install.sh - DO NOT USE without thorough review
- AI detected serious security threats
Audit Metadata