Pilot Alert
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This instruction-only alerting skill uses expected CLI, webhook, and agent-message commands for its stated purpose, but users should configure trusted sources and destinations carefully.
Before using this skill, confirm that pilotctl and the Pilot daemon are trusted, subscribe only to the event topics you intend to monitor, verify webhook URLs and target agents, and avoid forwarding sensitive data in alert payloads.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If invoked with the wrong source, topic, or webhook URL, alerts could be sent to unintended recipients.
The skill permits Bash and documents pilotctl, jq, and curl pipelines. This is expected for alert subscription and webhook delivery, but shell-based workflows can perform outbound actions if misconfigured.
allowed-tools: - Bash
Use narrow event topics, verify webhook URLs and target hostnames, and review payloads before enabling an alert workflow.
Event details may be delivered to external services such as Slack or to an on-call agent.
The skill is designed to forward alert data to external webhooks and other agents, which is purpose-aligned but creates data-boundary considerations.
Supports webhook delivery and direct agent messaging.
Only connect trusted source agents and destination services, and avoid including secrets or sensitive customer data in alert payloads.
A small amount of alert metadata may remain temporarily on the local machine.
The deduplication example stores alert keys and timestamps in a temporary local cache. This is proportionate for deduplication and does not show broad indexing or cross-task memory reuse.
ALERT_FILE="/tmp/alert-cache.txt"
Place the cache in a controlled location if needed and clear it when alert deduplication state should not persist.