Pilot Customer Support Triage Setup

Security checks across malware telemetry and agentic risk

Overview

This is a coherent setup guide for a support triage workflow, but users should be careful because escalations can send customer ticket details to Slack or helpdesk webhooks.

Before installing, confirm you trust pilotctl, clawhub, and the referenced pilot-* skills. Use least-privilege Slack channels and webhook endpoints, avoid publishing raw customer emails or sensitive incident details unless required, and review the generated ~/.pilot manifest before enabling handshakes or external escalation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill explicitly states that complex cases are enriched with customer history and account context, then forwarded to external systems via webhook or Slack, but it provides no warning, minimization guidance, or controls for handling potentially sensitive customer data. In a customer support workflow, this omission increases the chance that operators will transmit personal or account data to third-party systems or broad internal channels without considering privacy, retention, or access implications.

Missing User Warnings

Medium
Confidence: 94%
Finding
The example commands include customer email addresses, enterprise account metadata, and a critical incident description, and they demonstrate publishing that information between agents and into an escalation channel without any caution about sensitive-data exposure. Because README examples are often copied directly into real deployments, this normalizes unsafe handling of customer and incident data and can lead to over-sharing in logs, message buses, Slack, or external helpdesk systems.

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill explicitly configures an escalator role to send ticket contents to external helpdesk systems and Slack, but the top-level description and setup guidance do not warn the operator that customer support data may leave the local agent environment. This creates a real transparency and privacy risk because users may deploy the workflow without realizing potentially sensitive ticket data, customer history, or incident details will be disclosed to third parties.

VirusTotal

64/64 vendors flagged this skill as clean.
