Pilot Cloud Cost Optimizer Setup

Security checks across malware telemetry and agentic risk

Overview

This is a transparent FinOps setup skill, but it wires agents that can exchange sensitive cloud-cost data and may trigger cloud-resource changes without enough documented approval, scoping, or rollback controls.

Review before installing. Use only test or tightly scoped cloud accounts at first, inspect each dependent Pilot skill, pin versions where possible, require human approval for any resource shutdown, resize, or purchase action, verify all peer hostnames before handshakes, and confirm Slack/email/webhook destinations and retention policies before sending reports.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding
The README explicitly describes an optimizer that can shut down idle resources, schedule commitments, and rightsize VMs, but it does not warn that these actions can disrupt production workloads, remove capacity, or create irreversible service impact if recommendations are wrong. In this skill's context, the danger is elevated because the pipeline is framed as an automated multi-agent setup and the optimizer receives recommendations from another agent, which can normalize destructive changes without a clear approval gate or rollback guidance.

Missing User Warnings

Severity: Medium
Confidence: 89%
Finding
The README states that the reporter sends summaries and savings reports to Slack and email, but it does not warn that these reports may disclose billing data, resource identifiers, anomaly details, and operational metadata to external systems. In this skill's context, that omission matters because cloud cost reports often contain sensitive business and infrastructure information, and external delivery channels may have broader retention, forwarding, and access exposure than the internal agent network.

Missing User Warnings

Severity: Medium
Confidence: 93%
Finding
The skill instructs the agent to change the local hostname and create persistent files under ~/.pilot/setups, but it does not prominently warn the user about these side effects before setup. This can lead to unexpected system changes, persistence, and confusion during multi-agent deployments, especially if the user believes the action is ephemeral or read-only.

Missing User Warnings

Severity: Medium
Confidence: 90%
Finding
The reporter role is designed to send cost reports and alerts to external destinations such as Slack, email, or webhooks, but the skill does not include a clear privacy/integrity warning about external data transmission. Cost and infrastructure metadata can be sensitive, and sending it externally without explicit warning or validation increases the risk of unintended disclosure or misdelivery.

VirusTotal

65/65 vendors flagged this skill as clean.