Skill v1.0.0
ClawScan security
Pilot Broadcast · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 8, 2026, 11:15 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's declared purpose (broadcasting via the Pilot Protocol) matches its runtime instructions and requirements; it is an instruction-only wrapper around the pilotctl CLI and does not request unrelated credentials or installs.
- Guidance: This skill is a thin instruction wrapper for the pilotctl CLI. Before installing: (1) confirm the pilotctl binary on your system is the official/expected implementation and check its version and what config files or keys it uses; (2) verify your trust network (run pilotctl --json trust) so you know who will receive broadcasts; (3) avoid broadcasting sensitive secrets or credentials since messages go to all trusted peers; (4) ensure you also trust the source of the pilot-protocol skill mentioned in compatibility (verify provenance). The skill itself does not request secrets or perform installs, but pilotctl invocations operate with whatever local privileges and config the binary has.
Review Dimensions
- Purpose & Capability (ok): Name/description, declared dependency on pilotctl and pilot-protocol, and the commands in SKILL.md all describe one-to-many broadcasts over the Pilot Protocol. There are no unrelated environment variables, binaries, or config paths requested.
- Instruction Scope (ok): SKILL.md contains only specific pilotctl commands (publish, subscribe, inbox, trust) and an example workflow. It does not instruct the agent to read arbitrary files, pull secrets, or send data to external endpoints beyond pilotctl's operations. It does assume an existing trust network and a running pilotctl daemon.
- Install Mechanism (ok): No install spec — instruction-only skill. This minimizes filesystem risk because the skill itself won't download or write code. The only runtime dependency is the pilotctl binary, which must already be present on PATH.
- Credentials (ok): The skill requires no environment variables or credentials. Note: pilotctl itself (outside this skill) may read local configuration or keys (e.g., user config files or agent keys) when invoked; users should verify pilotctl's own configuration and what it exposes.
- Persistence & Privilege (ok): always:false and user-invocable:true (defaults). The skill does not request permanent inclusion or modifications to other skills. Model invocation is allowed (normal), but combined with no extra privileges this is expected.
