Pilot Email Bridge

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a coherent email-bridge skill, but it can send email, share attachments through a relay, use email credentials, and run long-lived Pilot/SMTP components.

Install only if you trust your Pilot tooling and SMTP relay setup. Use scoped email credentials, verify webhook endpoints, review any relay script you run, and confirm before sending attachments or clearing inbox data.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
Low
What this means

The agent could send email, clear queued messages, or attach files if a user authorizes or invokes those workflows.

Why it was flagged

The skill documents shell commands that can send messages, clear an inbox, and transmit a selected file. These actions fit the email-bridge purpose, but they are high-impact operations if run on the wrong recipient, inbox, or file.

Skill content
pilotctl --json publish localhost email-outbound --data ...; pilotctl --json inbox --clear; pilotctl --json send-file email-relay /path/to/report.pdf
Recommendation

Confirm recipients, message content, file paths, and any inbox-clearing action before running the commands.

ASI03: Identity and Privilege Abuse
Medium
What this means

Credentials used with this bridge may allow sending or receiving email through the configured account.

Why it was flagged

The skill requires email credentials, which is expected for sending or receiving email, but it means the setup may grant access to an email account.

Skill content
Requires pilot-protocol skill, running daemon, SMTP server, and email credentials.
Recommendation

Use a dedicated or least-privileged email account or app password, and avoid sharing credentials with untrusted relay software.

ASI07: Insecure Inter-Agent Communication
Medium
What this means

Email bodies, recipients, and attachment references may be handled by the configured webhook or relay.

Why it was flagged

The skill routes Pilot email events to an SMTP relay webhook. This is central to the bridge design, but email content and metadata may cross a relay boundary.

Skill content
pilotctl --json set-webhook https://smtp-relay.example.com/send
Recommendation

Use only trusted webhook endpoints, prefer HTTPS for non-local endpoints, and verify the relay’s authentication and logging behavior.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

Security depends partly on the installed pilotctl binary, Pilot Protocol skill, and any SMTP relay script or server the user runs.

Why it was flagged

The skill relies on external tooling and references a relay script that is not included in the provided artifact set. This is not suspicious by itself for an instruction-only integration, but those components are outside this review.

Skill content
Requires pilot-protocol skill and pilotctl binary on PATH ... python3 smtp_relay_server.py &
Recommendation

Install Pilot tooling and relay software from trusted sources, and review any relay script before running it.

ASI10: Rogue Agents
Low
What this means

A local bridge or relay may keep processing email-related events until stopped.

Why it was flagged

The workflow starts a daemon and backgrounds an SMTP relay process. That persistence is expected for an email bridge, but it can continue running after the initial task.

Skill content
pilotctl --json daemon start --hostname email-relay ... python3 smtp_relay_server.py &
Recommendation

Run the daemon or relay under explicit user control, monitor it, and stop it when the bridge is no longer needed.