vllm-deployment

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The skill provides Docker commands in the Quick Start and Docker Deployment sections that use the '--security-opt seccomp=unconfined' flag. This disables the default Linux kernel-level system call filtering for the container, significantly increasing the risk of a container escape if the vLLM process is exploited.
  • [CREDENTIALS_UNSAFE] (MEDIUM): The 'Cloud VM Deployment' section suggests provisioning instances with public IPs and opening ports 22 (SSH) and 8000 (API) for external access without recommending specific network-level authentication or IP whitelisting. vLLM does not have built-in authentication for its OpenAI-compatible API by default, meaning an exposed server can be used by anyone to consume GPU resources.
  • [EXTERNAL_DOWNLOADS] (LOW): The instructions rely on the user pulling external container images from unspecified or placeholder sources (''), which encourages the execution of unverified third-party binaries.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 01:37 PM