gpu-server-management

Warn

Audited by Snyk on Mar 9, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.80). The skill fetches and executes remote packages and images at runtime. For example, it runs curl https://nvidia.github.io/libnvidia-container/$distribution/libnvidia-container.list to add an external apt repo and then apt install nvidia-driver/cuda, and it runs docker run nvcr.io/nvidia/k8s/dcgm-exporter:latest and docker run nvidia/cuda:12.6.0-base-ubuntu22.04, which pull and execute remote container images. External content therefore leads directly to execution of remote code.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill explicitly instructs the agent to run many sudo commands that change system state (adding apt repos and keyrings, installing drivers and packages, writing to /etc and /sys, restarting systemd services, configuring kernel settings and rc.local, running privileged Docker with SYS_ADMIN), which are privileged, state-modifying operations that can compromise the host.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 9, 2026, 11:44 PM