Skillv1.0.0

ClawScan security

Pilot Ai Tutoring System Setup · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignApr 22, 2026, 7:27 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's requested tools and runtime instructions match its stated goal (deploying three Pilot agents), and nothing in the SKILL.md asks for unrelated credentials or suspicious system access.
Guidance: This skill looks coherent for deploying a 3-agent Pilot tutoring pipeline, but before proceeding: 1) verify pilotctl and clawhub binaries are from trusted sources and understand what they install/manage; 2) review the JSON manifest that will be written under ~/.pilot/setups and back up any existing data there; 3) be aware the setup creates persistent agents that open network communication (handshakes and data on port 1002) and auto-approve trust when both sides handshake — run in a segmented or test network if unsure; 4) inspect any pilot-* packages you install (pilot-archive, pilot-chat, etc.) because they will run long-term and may require additional credentials or network access. If you want extra assurance, run the install steps manually rather than allowing an automated agent to perform them.

Review Dimensions

Purpose & Capability: okThe name/description (deploy a 3-agent adaptive tutoring setup) matches the actions the skill instructs: use pilotctl to set hostnames/handshakes and clawhub to install related pilot-* skills. Requiring pilotctl and clawhub is appropriate for this purpose.
Instruction Scope: noteInstructions are procedural and scoped to setup tasks (installing skills, writing a JSON manifest to ~/.pilot/setups, running pilotctl publish/subscribe and handshake commands). This involves creating files in the user's home directory and initiating network handshakes and inter-agent traffic on port 1002 — expected for a multi-agent setup but worth noting because it enables automatic trust establishment and cross-host data flows.
Install Mechanism: okThis is an instruction-only skill with no install spec or downloadable artifacts, so it doesn't itself write or execute new code. The install actions it tells the user to run (clawhub install) are external and therefore outside this skill's direct install risk surface.
Credentials: okThe skill declares no required environment variables or credentials. All declared dependencies are local binaries (pilotctl, clawhub) which are directly relevant to the described setup; there are no unrelated secrets requested.
Persistence & Privilege: noteThe skill is user-invocable and not always-on. It instructs installing additional pilot-* skills via clawhub and to create persistent manifests under ~/.pilot — normal for this purpose but these actions grant ongoing presence to the installed pilot components and enable networked agent behavior, so the user should be aware.