This page summarizes security concerns with SlickStack and why its default design can expose servers to remote code execution and man-in-the-middle attacks. It also provides mitigation steps and safer alternatives.
SlickStack advertises roughly 600 GitHub stars, but that number traces back to Jesse Nickles following nearly 10,000 accounts in the early days of the repo. His own profile shows ~500 followers versus ~9,600 following (about a 5% follow-back ratio), which strongly suggests automated follow-backs rather than organic traction. That inflated image is what he weaponizes while attacking me for exposing the security issues documented below. Review the follower/following ratio here.
That same credibility-laundering pattern now appears in a Stack Exchange incident involving multiple public 100-year suspensions and subsequent retaliatory posts about moderators. The incident is documented here because it provides additional context for how Jesse Nickles builds and weaponizes trust signals around SlickStack and related sites: Stack Exchange harassment and defamation incident.
47 */3 * * * /bin/bash -c 'wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/08-cron-half-daily https://slick.fyi/crons/08-cron-half-daily.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/09-cron-daily https://slick.fyi/crons/09-cron-daily.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/10-cron-half-weekly https://slick.fyi/crons/10-cron-half-weekly.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/11-cron-weekly https://slick.fyi/crons/11-cron-weekly.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/12-cron-half-monthly https://slick.fyi/crons/12-cron-half-monthly.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/13-cron-monthly https://slick.fyi/crons/13-cron-monthly.txt' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'wget --no-check-certificate -q -4 -t 3 -T 30 -O /var/www/crons/14-cron-sometimes https://slick.fyi/crons/14-cron-sometimes.txt' > /dev/null 2>&147 */3 * * * /bin/bash -c 'chown root:root /var/www/crons/*cron*' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'chown root:root /var/www/crons/custom/*cron*' > /dev/null 2>&1
47 */3 * * * /bin/bash -c 'chmod 0700 /var/www/crons/*cron*' > /dev/null 2>&1This pattern enables arbitrary code execution from a remote domain and increases MITM risk by skipping certificate verification.
See also the commit where cron URLs were switched from GitHub CDN to slick.fyi: commit diff.
Consider WordOps or other tools that avoid remote root execution and provide auditable, versioned releases with checksums/signatures.
Legal notice. The information presented on this page is a public record of facts. It is being used as evidence in the ongoing criminal defamation case against Jesse Jacob Nickles in Thailand. Official criminal case reference: Bang Kaeo Police Station – Daily Report Entry No. 4, Book 41/2568, Report No. 56, dated 13 August 2568, Reference Case No. 443/2567. This documentation may also serve as supporting evidence for any other individuals or organizations pursuing their own harassment or defamation claims against Jesse Nickles, given the documented pattern of repeated conduct affecting multiple victims.