proxmox

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill enables the execution of arbitrary commands on remote containers. Evidence: The use of ssh proxmox "pct exec <CTID> -- <command>" allows for unrestricted command execution as a privileged user inside any container.
  • [DATA_EXFILTRATION] (HIGH): The skill accesses sensitive system configuration files that may contain storage credentials, network topology, or backup schedules. Evidence: Access to /etc/pve/storage.cfg, /etc/pve/jobs.cfg, and /etc/network/interfaces via SSH commands.
  • [COMMAND_EXECUTION] (MEDIUM): The skill grants extensive administrative control over the virtualization host, including starting, stopping, and entering VM/container shells. Evidence: Numerous pct and qm commands are listed throughout SKILL.md.
  • [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection via log monitoring or documentation reading.
      • Ingestion points: Reads outputs from journalctl and a local documentation file ~/obsidian/Notes/PROXMOX_SETUP.md.
      • Boundary markers: None provided; the agent processes raw command output and file text.
      • Capability inventory: Powerful Bash tool with ssh access to infrastructure and the ability to execute commands inside containers.
      • Sanitization: None; external data from logs or notes is interpolated directly into the agent context.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 06:25 PM