Linux Production Shell Scripts
Audited by Socket on Feb 16, 2026
1 alert found:
Malware [Skill Scanner] Installation of third-party script detected

All findings:
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Instruction directing agent to run/execute external content (CI011) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]

This skill is a collection of practical Linux administration Bash script templates that are consistent with the stated purpose. I found no deliberate obfuscation or clear backdoors. However, several insecure patterns and risky operations are present: plaintext hardcoded DB password, destructive file deletion commands without safeguards, remote execution via ssh streaming local scripts to remotes, and heavy reliance on sudo/root. These make the templates potentially dangerous if used as-is in production or with untrusted inputs/hosts. Recommend treating the code as 'benign but risky'—do not run unchanged in production: remove hardcoded secrets, add input validation, enforce strict file permissions, add dry-run and path checks before delete/rsync --delete, avoid streaming scripts to untrusted remotes, and use credential stores or environment variables with restricted access.

LLM verification: The provided shell-script templates are functional for common Linux administration tasks and do not contain obvious obfuscated malware or command-and-control behavior. However, they contain insecure defaults and dangerous operations (hardcoded DB credentials, password echoing, rm -r without safeguards, potential exfiltration via rsync) that pose a meaningful security risk if used as-is in production.
Treat these as development templates only: remove hardcoded secrets, add input validation and pa