ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Pilot Brand Protection Setup

v1.0.0

Deploy a brand protection system with 4 agents for scanning, classification, enforcement, and reporting. Use this skill when: 1. User wants to set up brand m...

0· 88·0 current·0 all-time
byCalin Teodor@teoslayer

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for teoslayer/pilot-brand-protection-setup.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "Pilot Brand Protection Setup" (teoslayer/pilot-brand-protection-setup) from ClawHub.
Skill page: https://clawhub.ai/teoslayer/pilot-brand-protection-setup
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: pilotctl, clawhub
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install pilot-brand-protection-setup

ClawHub CLI

Package manager switcher

npx clawhub@latest install pilot-brand-protection-setup
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The name/description align with the runtime instructions: it installs pilot-* skills, sets hostnames with pilotctl, and wires four agents. The declared required binaries (pilotctl, clawhub) are appropriate. However the registry metadata lists no required config paths even though the instructions write manifests to ~/.pilot/setups — a metadata mismatch.
Instruction Scope
SKILL.md explicitly instructs installing other skills (via clawhub), writing a JSON manifest to ~/.pilot/setups, setting hostnames, and initiating network handshakes/publish/subscribe on port 1002 (and external reporting on 443). These actions are within the stated scope, but they involve writing to user home and establishing network trust relationships (handshakes) that should be reviewed by the user.
Install Mechanism
This is instruction-only (no install spec). That minimizes hidden installation risk because no external archives or installers are fetched by the skill itself; it relies on the existing pilotctl and clawhub binaries which must be trusted separately.
Credentials
The skill declares no required env vars or primary credential, which is consistent for a meta-setup guide. However the enforcer and connectors (pilot-webhook-bridge, pilot-slack-bridge, etc.) implied by the setup will need credentials and API tokens to call platform APIs and file takedowns — the SKILL.md does not mention collecting or validating those credentials. Expect credential configuration to be required for downstream components.
Persistence & Privilege
always is false and model invocation is normal. The skill instructs writing persistent config files under ~/.pilot but does not request elevated system privileges or modify other skills' configs. This is expected for a setup/installation guide, though users should review created manifests before trusting them.
What to consider before installing
This skill is a deployment guide for a multi-agent brand-protection system and largely does what it says, but take these precautions before proceeding: 1) Verify pilotctl and clawhub are official/trusted binaries (the skill relies on them). 2) Review any manifest written to ~/.pilot/setups before saving — the SKILL.md instructs creating that file but the package metadata did not declare config paths. 3) Understand that the enforcer and bridges will require API credentials (platform APIs, legal services, Slack, etc.); supply those separately and securely. 4) Be careful when establishing handshakes/trust: hostnames collisions or accidental connections could link your agent to an unexpected peer. 5) If you are unsure about any downstream pilot-* skills the setup will install, inspect those packages and their required env vars/permissions first. If you want higher assurance, ask the publisher for signed release artifacts or more complete metadata documenting required config paths and credential needs.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Binspilotctl, clawhub
latestvk97bwmpe4wkfhnf66ren80b7rn85afrz
88downloads
0stars
1versions
Updated 6d ago
v1.0.0
MIT-0
Calin Teodor@teoslayer
latest
Download

Brand Protection Setup

Deploy 4 agents: scanner, classifier, enforcer, and dashboard.

Roles

RoleHostnameSkillsPurpose
scanner<prefix>-scannerpilot-stream-data, pilot-cron, pilot-archiveCrawls marketplaces and social media for brand violations
classifier<prefix>-classifierpilot-event-filter, pilot-task-router, pilot-metricsClassifies violations by type, severity, and platform
enforcer<prefix>-enforcerpilot-webhook-bridge, pilot-audit-log, pilot-receiptFiles DMCA notices and platform reports, tracks status
dashboard<prefix>-dashboardpilot-metrics, pilot-slack-bridge, pilot-announceVisualizes brand health, violation trends, enforcement rates

Setup Procedure

Step 1: Ask the user which role this agent should play and what prefix to use.

Step 2: Install the skills for the chosen role:

# For scanner:
clawhub install pilot-stream-data pilot-cron pilot-archive
# For classifier:
clawhub install pilot-event-filter pilot-task-router pilot-metrics
# For enforcer:
clawhub install pilot-webhook-bridge pilot-audit-log pilot-receipt
# For dashboard:
clawhub install pilot-metrics pilot-slack-bridge pilot-announce

Step 3: Set the hostname:

pilotctl --json set-hostname <prefix>-<role>

Step 4: Write the setup manifest:

mkdir -p ~/.pilot/setups
cat > ~/.pilot/setups/brand-protection.json << 'MANIFEST'
<INSERT ROLE MANIFEST FROM BELOW>
MANIFEST

Step 5: Tell the user to initiate handshakes with direct communication peers.

Manifest Templates Per Role

scanner

{
  "setup": "brand-protection", "setup_name": "Brand Protection",
  "role": "scanner", "role_name": "Brand Scanner",
  "hostname": "<prefix>-scanner",
  "description": "Crawls marketplaces, social media, and domains for unauthorized brand usage and counterfeits.",
  "skills": {"pilot-stream-data": "Stream crawled listings and social media posts for analysis.", "pilot-cron": "Schedule periodic scans across configured platforms.", "pilot-archive": "Archive raw scan results and evidence snapshots."},
  "peers": [{"role": "classifier", "hostname": "<prefix>-classifier", "description": "Receives brand violations for classification"}],
  "data_flows": [{"direction": "send", "peer": "<prefix>-classifier", "port": 1002, "topic": "brand-violation", "description": "Brand violations detected across platforms"}],
  "handshakes_needed": ["<prefix>-classifier"]
}

classifier

{
  "setup": "brand-protection", "setup_name": "Brand Protection",
  "role": "classifier", "role_name": "Threat Classifier",
  "hostname": "<prefix>-classifier",
  "description": "Classifies violations by type (counterfeit, impersonation, trademark), severity, and platform.",
  "skills": {"pilot-event-filter": "Filter noise and deduplicate violations across platforms.", "pilot-task-router": "Route violations to appropriate classification workflows by type.", "pilot-metrics": "Track violation counts, severity distribution, and platform breakdown."},
  "peers": [{"role": "scanner", "hostname": "<prefix>-scanner", "description": "Sends brand violations"}, {"role": "enforcer", "hostname": "<prefix>-enforcer", "description": "Receives classified threats"}],
  "data_flows": [{"direction": "receive", "peer": "<prefix>-scanner", "port": 1002, "topic": "brand-violation", "description": "Brand violations detected across platforms"}, {"direction": "send", "peer": "<prefix>-enforcer", "port": 1002, "topic": "classified-threat", "description": "Classified threats with type, severity, and priority"}],
  "handshakes_needed": ["<prefix>-scanner", "<prefix>-enforcer"]
}

enforcer

{
  "setup": "brand-protection", "setup_name": "Brand Protection",
  "role": "enforcer", "role_name": "Takedown Enforcer",
  "hostname": "<prefix>-enforcer",
  "description": "Files DMCA notices, platform reports, and cease-and-desist requests. Tracks enforcement status.",
  "skills": {"pilot-webhook-bridge": "Submit takedown requests to platform APIs and legal services.", "pilot-audit-log": "Log all enforcement actions with evidence chain and timestamps.", "pilot-receipt": "Generate and store receipts for filed takedown notices."},
  "peers": [{"role": "classifier", "hostname": "<prefix>-classifier", "description": "Sends classified threats"}, {"role": "dashboard", "hostname": "<prefix>-dashboard", "description": "Receives enforcement actions"}],
  "data_flows": [{"direction": "receive", "peer": "<prefix>-classifier", "port": 1002, "topic": "classified-threat", "description": "Classified threats to enforce"}, {"direction": "send", "peer": "<prefix>-dashboard", "port": 1002, "topic": "enforcement-action", "description": "Enforcement actions with status and outcomes"}],
  "handshakes_needed": ["<prefix>-classifier", "<prefix>-dashboard"]
}

dashboard

{
  "setup": "brand-protection", "setup_name": "Brand Protection",
  "role": "dashboard", "role_name": "Brand Dashboard",
  "hostname": "<prefix>-dashboard",
  "description": "Visualizes brand health metrics, violation trends, and enforcement success rates.",
  "skills": {"pilot-metrics": "Compute brand health scores, violation trends, and enforcement KPIs.", "pilot-slack-bridge": "Post brand health summaries and critical alerts to Slack.", "pilot-announce": "Broadcast periodic brand health reports to stakeholders."},
  "peers": [{"role": "enforcer", "hostname": "<prefix>-enforcer", "description": "Sends enforcement actions"}],
  "data_flows": [{"direction": "receive", "peer": "<prefix>-enforcer", "port": 1002, "topic": "enforcement-action", "description": "Enforcement actions with status and outcomes"}, {"direction": "send", "peer": "external", "port": 443, "topic": "brand-report", "description": "Brand health reports to stakeholders"}],
  "handshakes_needed": ["<prefix>-enforcer"]
}

Data Flows

  • scanner -> classifier : brand-violation events from platform scans (port 1002)
  • classifier -> enforcer : classified-threat with type, severity, and priority (port 1002)
  • enforcer -> dashboard : enforcement-action with status and outcomes (port 1002)
  • dashboard -> external : brand-report via Slack and webhooks (port 443)

Handshakes

# scanner <-> classifier:
pilotctl --json handshake <prefix>-classifier "setup: brand-protection"
pilotctl --json handshake <prefix>-scanner "setup: brand-protection"
# classifier <-> enforcer:
pilotctl --json handshake <prefix>-enforcer "setup: brand-protection"
pilotctl --json handshake <prefix>-classifier "setup: brand-protection"
# enforcer <-> dashboard:
pilotctl --json handshake <prefix>-dashboard "setup: brand-protection"
pilotctl --json handshake <prefix>-enforcer "setup: brand-protection"

Workflow Example

# On scanner -- publish detected violation:
pilotctl --json publish <prefix>-classifier brand-violation '{"violation_id":"BV-20481","platform":"amazon","type":"counterfeit","confidence":0.91}'
# On classifier -- publish classified threat:
pilotctl --json publish <prefix>-enforcer classified-threat '{"violation_id":"BV-20481","severity":"high","action":"dmca_takedown"}'
# On enforcer -- publish enforcement action:
pilotctl --json publish <prefix>-dashboard enforcement-action '{"violation_id":"BV-20481","action":"dmca_filed","status":"pending"}'
# On dashboard -- publish brand report:
pilotctl --json publish <prefix>-dashboard brand-report '{"period":"2026-W15","violations":23,"takedowns_filed":18,"success_rate":0.78}'

Dependencies

Requires pilot-protocol skill, pilotctl binary, clawhub binary, and a running daemon.

Comments

Loading comments...