keycloak-admin
Audited by Socket on Feb 27, 2026
1 alert found:
Security: The skill targets legitimate Keycloak administration tasks and demonstrates coherent workflows for managing realms, clients, users, roles, groups, themes, and token configuration via the Admin REST API. However, significant security concerns exist: reliance on the Resource Owner Password Credentials flow to obtain the admin token, plaintext admin credentials in the documentation, and non-TLS example endpoints. While the artifact is not inherently malicious, its current form presents substantial supply-chain and operational risks if used as-is. Mitigations include replacing the password grant with confidential flows (e.g., client credentials or mTLS), removing hardcoded credentials from the docs, ensuring TLS for all endpoints, implementing secret management, and avoiding logging of sensitive data. Overall security risk: elevated (moderate-to-high) due to credential handling patterns and privileged admin capabilities; malware likelihood remains low given no evidence of backdoors or data exfiltration.