ClawAudit verdict
proxmox-dc-lifecycle
Receives external input AND uses eval
Skill provides IaC-style runbooks for Proxmox VM and Active Directory lifecycle management; all operations target the user's own infrastructure via the Proxmox API and the content explicitly warns against corrupting Active Directory.
Automated static analysis — not a human review. ClawAudit flags capabilities, not confirmed intent, and can produce false positives. Disagree with this verdict? Use Dispute below.
What it does
These are capability combinations: each listed behavior occurs in the skill, but ClawAudit detects co-occurrence — it does not verify that one flows into another. Read the code to confirm a live chain.
Receives external input AND uses eval — the remote code-injection pattern (data-flow not verified)
LLM01 · LLM05 · ASI01 · ASI05
Findings (5)
Accesses system credential store
SKILL.md · code · credentialStore
References sudo — requests elevated privileges
references/os-reinstall.md · code · sudo
apt-get install — installs system packages
references/os-reinstall.md · code · apt-get install
Instructs covert action — may act without user awareness
references/os-reinstall.md · prose · downgraded · silently
Popular HTTP library — network access
references/metadata-cleanup.md · prose · downgraded · got
Why the tier is capped
Execution sink present in raw bytes (Hard Floor: class E). Final tier capped at Caution — cannot be lifted by any downgrade, example-payload opt-in, or allowlist.
Permissions & capabilities
Requires 3 system binaries.
network_indynamic_evalcredential_store Thanks — recorded.