Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Pilot Model Share

v1.0.0

Distribute ML model files with model card metadata and version tracking over Pilot Protocol. Use this skill when: 1. You need to share PyTorch, ONNX, or Safe...

by Calin Teodor @teoslayer

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for teoslayer/pilot-model-share.

Prompt preview (Install & Setup):
Install the skill "Pilot Model Share" (teoslayer/pilot-model-share) from ClawHub.
Skill page: https://clawhub.ai/teoslayer/pilot-model-share
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: pilotctl
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

openclaw skills install pilot-model-share

ClawHub CLI

npx clawhub@latest install pilot-model-share

Security Scan

VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name and description match the runtime instructions: the SKILL.md shows commands to publish availability, request models, send model metadata and files over pilotctl, which is exactly model sharing/versioning functionality.
Instruction Scope
Instructions are narrowly scoped to publishing messages, sending files, and verifying checksums. They reference jq and md5sum and expect access to local model files and pilotctl's inbox. No instructions attempt to read unrelated system files or extra environment variables, but the doc uses md5sum (a weak checksum) and jq even though those are not declared in the registry metadata.
Install Mechanism
This is an instruction-only skill with no install spec or code files, so nothing is downloaded or written to disk by the skill itself.
Credentials
No environment variables or credentials are requested in the registry metadata. The workflow expects access to local files and to pilotctl/its daemon (network/peer access), which is proportionate for a model-sharing skill. Note: pilotctl may itself rely on persistent keys/config stored elsewhere — the skill does not declare or explain those.
Persistence & Privilege
always is false and the skill is user-invocable. It does not request permanent presence or attempt to modify other skills or system-wide settings.
Assessment
This skill appears to do what it says, but check a few practical things before installing:
1) Ensure the pilotctl daemon and peers are trusted (pilotctl likely has its own keys/config — verify where they are stored and who can access them).
2) The SKILL.md uses jq and md5sum but the registry only declared pilotctl; confirm jq and a hashing tool are available on the agent.
3) Replace MD5 with a stronger hash (SHA-256 or an authenticated signature) if you need robust integrity guarantees, since MD5 is weak against collisions.
4) Be aware you are transmitting model files (which may contain proprietary or sensitive info); only share with authorized peers.
5) If you need to audit or restrict network/file access, test the workflow in a sandbox first.
6) If you will rely on this skill long-term, ask the publisher to update metadata to list jq and the hashing tool and to clarify any pilotctl authentication requirements.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Bins: pilotctl
latest vk975pkq006e85zscksyce9xqr584hmy1
82 downloads
0 stars
1 version
Updated 2w ago
v1.0.0
MIT-0

pilot-model-share

ML model distribution with model cards, metadata, and version tracking.

Commands

Publish Model Availability

pilotctl --json publish "$PEER" models --data '{"type":"model_available","name":"resnet50","version":"1.0.0","framework":"pytorch"}'

Request Model

pilotctl --json send-message "$DEST" --data '{"type":"model_request","name":"resnet50","preferred_format":"onnx"}'

Send Model with Metadata

pilotctl --json send-message "$DEST" --data '{"type":"model_metadata","name":"llama3_8b","file":{"checksum":"abc123"}}'
pilotctl --json send-file "$DEST" "$MODEL_FILE"

Validate Checksum

EXPECTED_CHECKSUM=$(pilotctl --json inbox | jq -r '.messages[] | select(.type == "model_metadata") | .file.checksum' | head -1)
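ACTUAL_CHECKSUM=$(md5sum "$RECEIVED_MODEL" | cut -d' ' -f1)
# Require a non-empty expected value so a missing metadata message cannot "verify"
[ -n "$EXPECTED_CHECKSUM" ] && [ "$EXPECTED_CHECKSUM" = "$ACTUAL_CHECKSUM" ] && echo "Model verified"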
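
A stricter form of the check above, following the scan assessment's advice to use SHA-256. This is an added example, not part of the skill's SKILL.md; the function name verify_model is hypothetical, and it assumes the sender put a hex SHA-256 digest in the metadata's .file.checksum field.

```shell
#!/bin/sh
# Added example: fail-closed SHA-256 verification of a received model file.
# Assumption: the model_metadata message carries a 64-character hex SHA-256
# digest in .file.checksum (the skill's own example uses MD5).

# verify_model EXPECTED_HEX FILE
# Returns 0 on match, 1 on mismatch, 2 on a bad digest, 3 on a bad file.
verify_model() {
  expected=$1
  file=$2

  # Reject empty or malformed digests so a missing or truncated metadata
  # message can never compare equal to anything.
  case $expected in
    ''|*[!0-9A-Fa-f]*) echo "rejected: checksum is not hex" >&2; return 2 ;;
  esac
  if [ "${#expected}" -ne 64 ]; then
    echo "rejected: checksum is not 64 hex characters" >&2
    return 2
  fi

  # Refuse anything that is not a readable regular file.
  if [ ! -f "$file" ] || [ ! -r "$file" ]; then
    echo "rejected: $file is not a readable regular file" >&2
    return 3
  fi

  # Hash via stdin so unusual file names cannot alter sha256sum's output format.
  actual=$(sha256sum < "$file" | cut -d' ' -f1)
  # Normalise case so an uppercase digest from the sender still matches.
  expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')

  if [ "$actual" = "$expected" ]; then
    echo "Model verified: $file"
    return 0
  fi
  echo "MISMATCH: $file (expected $expected, got $actual)" >&2
  return 1
}

# Usage with the page's variables:
#   verify_model "$EXPECTED_CHECKSUM" "$RECEIVED_MODEL" || rm -f -- "$RECEIVED_MODEL"
```

A digest delivered over the same channel as the file detects corruption but not a malicious sender; that case needs the authenticated signature the assessment mentions.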

Workflow Example

#!/bin/bash
# Model distribution

PEER="agent-b"

share_model() {
  local model_file="$1"
  # Quote the path so file names with spaces do not break basename
  local model_name="${2:-$(basename "$model_file" .pth)}"

  pilotctl --json publish "$PEER" models --data "{\"type\":\"model_available\",\"name\":\"$model_name\"}"
}

share_model "model.pth" "my-model"

Dependencies

Requires pilot-protocol, pilotctl, jq, and md5sum.
