Pilot Blocklist

This skill appears to implement a local blocklist workflow for Pilot Protocol using pilotctl and shell/jq commands, but it has a couple of issues you should consider before installing: - Missing declared dependency: The examples use jq but the skill metadata does not declare jq as a required binary. Ensure jq is installed from a trusted package source before using the recipes. - Unimplemented feature claim: The description promises 'sharing and synchronization across networks' but the SKILL.md contains no commands or instructions to share blocklists remotely. If you need sync, ask the author or implement a secure push/pull mechanism (e.g., signed manifests over authenticated channels). - File writes and effect on network: The scripts write to ~/.pilot/blocklists/default.json and call pilotctl untrust/reject which will change agent connectivity. Backup your blocklist and test in a safe environment to avoid accidentally blocking legitimate nodes. - Trust pilotctl provenance: Because the skill invokes pilotctl with node-management commands, make sure your pilotctl binary is from a trusted source and that the pilot daemon is properly secured. Given these inconsistencies the skill is not clearly malicious, but it is incomplete/sloppy. Ask the maintainer to (1) declare jq in required binaries, (2) either remove the 'sharing' claim or add secure sharing instructions, and (3) provide a source repo for review. If you proceed, review the shell commands line-by-line and run them in a controlled environment first.