proxmox-ops

Ops-focused Proxmox VE management via REST API — monitor, control, provision, and troubleshoot VMs and LXC containers with battle-tested operational patterns. Use when asked to: - List, start, stop, restart VMs or LXC containers - Check node status, cluster health, or resource usage - Create, cl...

Install this skill

or

60/100

Security score

The proxmox-ops skill was audited on May 31, 2026 and we found 12 security issues across 2 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 18

Access to hidden dotfiles in home directory

SourceSKILL.md

18	Credentials: PROXMOX_HOST, PROXMOX_TOKEN_ID, PROXMOX_TOKEN_SECRET — set as env vars or stored in ~/.proxmox-credentials (sourced at runtime, user-created, mode 600).

medium line 19

Access to hidden dotfiles in home directory

SourceSKILL.md

19	Writes: ~/.proxmox-credentials (user-created, API token, mode 600).

medium line 23

Access to hidden dotfiles in home directory

SourceSKILL.md

23	Configuration: ~/.proxmox-credentials

medium line 31

Access to hidden dotfiles in home directory

SourceSKILL.md

31	Create a credential file at `~/.proxmox-credentials`:

low line 34

Access to hidden dotfiles in home directory

SourceSKILL.md

34	cat > ~/.proxmox-credentials <<'EOF'

low line 39

Access to hidden dotfiles in home directory

SourceSKILL.md

39	chmod 600 ~/.proxmox-credentials

medium line 42

Access to hidden dotfiles in home directory

SourceSKILL.md

42	Alternative: Set `PROXMOX_HOST`, `PROXMOX_TOKEN_ID`, and `PROXMOX_TOKEN_SECRET` as environment variables directly (useful for CI/agent contexts). The helper script checks env vars first, then fall

low line 49

Access to hidden dotfiles in home directory

SourceSKILL.md

49	source ~/.proxmox-credentials

medium line 74

Access to hidden dotfiles in home directory

SourceSKILL.md

74	1. Load credentials from `~/.proxmox-credentials`

medium line 200

Access to hidden dotfiles in home directory

SourceSKILL.md

200	- Credential file (`~/.proxmox-credentials`) is user-created, not auto-generated by this skill. Must be mode 600 (`chmod 600 ~/.proxmox-credentials`). Rotate tokens immediately if exposed

low line 35

External URL reference

SourceSKILL.md

35	PROXMOX_HOST=https://<your-proxmox-ip>:8006

low line 201

External URL reference

SourceSKILL.md

201	- TLS verification disabled (`-k` / `--insecure`) — Proxmox VE uses self-signed certificates by default ([Proxmox docs](https://pve.proxmox.com/wiki/Certificate_Management)). If you deploy a trust

Scanned on May 31, 2026

View Security Dashboard

Installation guide →

GitHub Stars 9

Rate this skill

Categorydevops

UpdatedMay 31, 2026

frontend git api testing devops

eddygk/proxmox-ops