Pilot Digital Twin Setup

Security checks across malware telemetry and agentic risk

Overview

This is a setup guide for a four-agent digital twin deployment; its persistence and external integrations are disclosed well enough to be treated as expected operational behavior rather than hidden side effects.

Before installing, confirm that pilotctl and the pilot-* skills come from sources you trust, review any existing ~/.pilot setup before overwriting the manifest, and configure webhook or Slack endpoints only with appropriately scoped credentials.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Low
Confidence: 94%
Finding
The setup procedure explicitly instructs writing a manifest under the user's home directory, but the skill description does not warn about this persistent filesystem change. This is a real transparency and consent issue because users may invoke the skill expecting transient setup guidance, not a lasting local configuration artifact.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding
The action-planner role is capable of sending maintenance orders and notifications to external systems, but this externally effectful behavior is not clearly disclosed in the top-level skill description. That omission is risky because users may unknowingly deploy a role that can trigger outbound business actions or notifications beyond the local agent environment.

VirusTotal

66/66 vendors flagged this skill as clean.