vm0-cli

This is a user guide for the vm0 CLI that legitimately requires access to environment variables, local files, and networked model/provider endpoints. The document itself contains no code-level malware or obfuscated payloads. The main security risk is operational: examples encourage insecure patterns (inline secrets, .env samples) and the workflow requires sending sensitive data and credentials to remote services (vm0 and third-party providers). Before using in production, operators should ensure CI secret handling, avoid inline credentials, verify token scopes and rotation, review VM0 and provider privacy and retention policies, and limit what data is uploaded to remote volumes/artifacts. No direct evidence of malicious intent found in this document.