proxmox-admin

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes examples that pass plaintext passwords on the command line (e.g., --cipassword 'secret', --password 'secret'), which encourages embedding secret values verbatim in generated commands and creates exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill includes explicit commands that fetch and install content from public third‑party sources (e.g., pveam update / pveam download and example wget lines such as https://cloud-images.ubuntu.com/... and https://example.com/image.iso), so the agent could ingest untrusted external templates/ISOs as part of its provisioning workflow.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 1.00). The skill is explicitly instructing privileged Proxmox host administration (creating/destroying VMs/CTs, editing /etc/pve and network/firewall configs, adding storage/clusters, running commands that require root), which directly modifies system state and can compromise the host.