proxmox-admin

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt includes CLI examples that embed plaintext passwords (e.g., --cipassword 'secret', --password 'secret') which encourage generating commands containing secret values verbatim, creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). This skill explicitly instructs fetching and using public third‑party images/templates (e.g., "pveam update/available/download" and "wget https://cloud-images.ubuntu.com/..." in SKILL.md), so it ingests untrusted web-hosted content that the agent is expected to use to create/configure VMs and therefore could materially influence subsequent actions.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill is explicitly instructing privileged Proxmox host administration (creating/destroying VMs/CTs, editing /etc/pve and network/firewall configs, adding storage/clusters, running commands that require root), which directly modifies system state and can compromise the host.