vllm-ascend-deploy
Audited by Socket on Apr 24, 2026
2 alerts found:
Anomaly (Security): Overall, this skill is consistent with its stated purpose of deploying vLLM on Ascend NPUs; no obvious credential exfiltration or third-party relay API was found. The main risks are that it asks for the SSH password and sets up passwordless login, runs the deployment on the remote host automatically, creates a persistent cron task, and drives its subsequent actions from externally fetched documentation. It is therefore better classified as suspicious / medium risk rather than clearly malicious.
This module does not show explicit malicious payload behavior, but it carries substantial security risk. The local execution path builds a docker command string from several user-controlled values and runs it with eval, so shell metacharacters in those values are re-parsed as commands (command injection). Additionally, the docker run configuration is highly privileged (--privileged, host networking, extensive device passthrough and host bind mounts, including the user-supplied MODEL_PATH/WORK_DIR), which significantly amplifies impact if an attacker controls the inputs or the container image. Treat this as a high-impact deployment script requiring strict input control and safer command construction (no eval, proper quoting, and image pinning by digest).
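The following is an added example, not code from the audited skill, showing the eval-based construction described above next to a hardened form that validates the paths, keeps each argument separate, double-quotes every expansion and pins the image by digest. The image reference, the digest (all zeros) and the /dev/davinci0 device path are placeholders assumed for illustration; a stub docker function stands in for the real binary so the example runs offline and prints the argv it would receive.

```sh
#!/bin/sh
# Added example (not the audited skill's code): eval-based vs. safe
# construction of a docker run command from user-controlled paths.

# Stub docker: print each argv element on its own line so we can see
# exactly how the shell split the command. Constructed for this example.
docker() {
  for a in "$@"; do printf '%s\n' "$a"; done
}

# Vulnerable pattern: concatenate a string, then eval it. eval re-parses
# the whole string, so a MODEL_PATH such as '/models; echo INJECTED'
# terminates the docker command and runs a second command.
run_eval() {
  model_path=$1
  work_dir=$2
  cmd="docker run --privileged --net=host -v $model_path:/models -v $work_dir:/work vllm-ascend:latest"
  eval "$cmd"
}

# Strict input control: paths must be absolute and limited to a safe
# character set (no shell metacharacters, no ':' or ',' that would
# confuse -v / --mount parsing).
check_path() {
  case $1 in
    /*) ;;
    *) printf 'path must be absolute: %s\n' "$1" >&2; return 1 ;;
  esac
  case $1 in
    *[!A-Za-z0-9_./-]*) printf 'path has disallowed characters: %s\n' "$1" >&2; return 1 ;;
  esac
  return 0
}

# Placeholders assumed for the example (not from the skill): image pinned
# by digest instead of a mutable tag, and one explicitly passed NPU device
# instead of --privileged.
IMAGE='registry.example/vllm-ascend@sha256:0000000000000000000000000000000000000000000000000000000000000000'
NPU_DEVICE='/dev/davinci0'

# Hardened pattern: no eval; "$@" (the POSIX equivalent of a bash array)
# keeps every argument separate, every expansion is double-quoted, the
# model directory is mounted read-only and the image is pinned by digest.
run_safe() {
  model_path=$1
  work_dir=$2
  check_path "$model_path" || return 1
  check_path "$work_dir" || return 1
  set -- run --net=host \
    --device "$NPU_DEVICE" \
    -v "$model_path:/models:ro" -v "$work_dir:/work" \
    "$IMAGE"
  docker "$@"
}

# Usage: the first call shows the injected echo running; the second is
# rejected by check_path; the third prints the safe argv.
run_eval '/models; echo INJECTED' /work
run_safe '/models; echo INJECTED' /work || echo "rejected as expected"
run_safe /data/models /data/work
```

Even with eval removed, quoting alone is not sufficient: an attacker who controls MODEL_PATH can still pick any host directory to bind-mount into the container, which is why check_path restricts the character set and the hardened invocation drops --privileged and mounts the model directory read-only.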