Scan Report
5 /100
server-audit
Server Audit Skill for AI Agents — full diagnostic of Proxmox VE and Linux servers (Debian/Ubuntu/RHEL/CentOS) via read-only SSH commands
Pure documentation-only skill describing read-only SSH diagnostic commands for Proxmox and Linux server auditing; no executable code, scripts, or hidden functionality present.
Safe to install
Approve for use. This skill contains only markdown documentation files describing SSH-based diagnostic commands. The skill correctly scopes itself to read-only audit operations with explicit prohibitions against state-changing commands.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Shell | READ | READ | ✓ Aligned | SKILL.md and references/* describe only diagnostic SSH exec commands (lscpu, sma… |
| Filesystem | WRITE | WRITE | ✓ Aligned | linux-audit.md:252 'DOC_DIR=/DATA/local_database/${PROJECT}/Servers/${HOSTNAME}'… |
| Network | READ | READ | ✓ Aligned | All network access is via SSH to remote servers for diagnostic commands only (ip… |
| Environment | NONE | NONE | — | No environment variable access detected; HOSTNAME/SERVER_IP are captured from th… |
| Skill Invoke | NONE | NONE | — | No skill chaining or inter-skill invocation present |
| Clipboard | NONE | NONE | — | No clipboard access found |
| Browser | NONE | NONE | — | No browser automation found |
| Database | NONE | NONE | — | No database access found |
File Tree
4 files · 29.7 KB · 697 lines Markdown 4f · 697L
├─
▾
references
│ ├─
linux-audit.md
Markdown
│ └─
proxmox-audit.md
Markdown
├─
README.md
Markdown
└─
SKILL.md
Markdown
Security Positives
✓ Skill explicitly scopes to read-only operations ('Аудит = тільки читати') with enumerated prohibitions against state-changing commands
✓ All SSH commands are fully declared in SKILL.md and reference files — no hidden functionality
✓ Commands use standard diagnostic tools (lscpu, dmidecode, smartctl, journalctl, ipmitool, etc.) that match the documented purpose
✓ Documentation saving writes to a predictable local Obsidian vault path — not an external server
✓ No external network connections to unknown IPs; all remote access is over SSH to user-provided server addresses
✓ No obfuscation techniques (base64, eval, atob) present
✓ No credential harvesting, no data exfiltration, no reverse shell indicators
✓ No malicious dependencies — entire file tree is markdown documentation only
✓ Skill is version-controlled and documented with clear trigger conditions and audit workflow