Model Deployment

Name: custom-plugin-ai-engineer/model-deployment
Author: pluginagentmarketplace

Share on X Share on LinkedIn Share on Bluesky

100Critical

The model deployment skill allows remote code execution and uses unpinned dependencies, posing significant supply chain risks.

ThreatsCI SM CS BC S HITL

Behavior Analysis

Description verified — behavior matches claim

Claims to do

Model Deployment: Deploy LLMs to production with optimal performance.

Actually does

This skill provides code examples and instructions for deploying Large Language Models (LLMs) using tools like vLLM, Text Generation Inference (TGI), Ollama, and a custom FastAPI server. It demonstrates installing these tools, starting local servers, querying their HTTP endpoints (e.g., `http://localhost:8000`, `http://localhost:8080`, `http://localhost:11434`), and downloading models like `meta-llama/Llama-2-7b-chat-hf` from Hugging Face. It also includes examples for Docker, Kubernetes, optimization techniques, and Prometheus monitoring.

Threat Analysis

AI Agent Traps ↗Scanned 4/13/2026

Content InjectionPerceptionclean

Semantic ManipulationReasoningclean

Cognitive StateMemory & Learning1 finding

Behavioural ControlAction1 finding

SystemicMulti-Agent Dynamicsclean

Human-in-the-LoopHuman Overseerclean

Skill Info

Namepluginagentmarketplace/custom-plugin-ai-engineer/model-deployment

Registrygithub

Version5db0287caa4f

PURLpkg:github/pluginagentmarketplace/custom-plugin-ai-engineer@5db0287caa4f#model-deployment

Stars2

Source

Repository ↗SKILL.md ↗

SHA-25690b3db416a72...

SHA-11cc3916eeb48...

MD54f6a8015a401...

TLSHc602f890ec60...

ssdeep192:JLs3Zens...

Size8,630 bytes

Install

This skill has been flagged as potentially malicious. Review the findings below before installing.

GitHub

https://github.com/pluginagentmarketplace/custom-plugin-ai-engineer/tree/main/skills/model-deployment

Claude CodeDocs

/plugin marketplace add pluginagentmarketplace/custom-plugin-ai-engineer

/plugin install model-deployment@pluginagentmarketplace/custom-plugin-ai-engineer

Skills.shDocs

npx skills add https://github.com/pluginagentmarketplace/custom-plugin-ai-engineer --skill model-deployment

Assessments (2)

AI Agent Traps ↗

Remote code download and execution detectedcriticalcommand execution

Remote code download and execution detected

100% confidenceline 56

curl -fsSL https://ollama.ai/install.sh | sh

Unpinned dependency installation — package installed without version pinningmediumsupply chain

Unpinned dependency installation — package installed without version pinning

100% confidenceline 18

pip install vllm

Badge

Markdown

[![Mondoo Skill Check](https://mondoo.com/ai-agent-security/api/badge/github/pluginagentmarketplace/custom-plugin-ai-engineer/model-deployment.svg)](https://mondoo.com/ai-agent-security/skills/github/pluginagentmarketplace/custom-plugin-ai-engineer/model-deployment)

HTML

<a href="https://mondoo.com/ai-agent-security/skills/github/pluginagentmarketplace/custom-plugin-ai-engineer/model-deployment"><img src="https://mondoo.com/ai-agent-security/api/badge/github/pluginagentmarketplace/custom-plugin-ai-engineer/model-deployment.svg" alt="Mondoo Skill Check" /></a>

Image URL

https://mondoo.com/ai-agent-security/api/badge/github/pluginagentmarketplace/custom-plugin-ai-engineer/model-deployment.svg

Secure your AI agents

Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.

Continuous scanning of skills across all registries
Policy enforcement before skills reach your agents
Integration with your existing security workflow