infra-manage-ssh-services

[Skill Scanner] Credential file access detected All findings: [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] [HIGH] data_exfiltration: Remote file transfer via SSH/SCP/SFTP/rsync detected (NW001) [AITech 8.2.3] [HIGH] data_exfiltration: Remote file transfer via SSH/SCP/SFTP/rsync detected (NW001) [AITech 8.2.3] [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3] No explicit malware or backdoor code is present in the provided material. The content is an administrative infra-management guide that reasonably needs high privileges (SSH, Docker). Primary concerns are operational security: potential exposure of SSH keys and local secrets (encouraged by instructions), arbitrary file transfer capability (syncpi), and a non-obvious telemetry sink (OTLP to infra.local:4317). Use is acceptable within a trusted operator and trusted LAN environment but poses medium risk if executed without strict verification, auditing, and safer secret-handling practices. LLM verification: The skill fragment is aligned with its stated purpose of infrastructure SSH and Docker management, but includes sensitive credential references (SSH config, SSH keys, potential key setup steps) and remote file-transfer mentions that require strict access controls and auditability to avoid credential leakage. No explicit external download or weaponization patterns are evident, but workflows could enable credential exposure if exposed to an untrusted agent. Overall risk is elevated due to credenti