Pilot Event Replay
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This instruction-only skill does what it advertises—recording and replaying Pilot event streams—but users should scope recordings and replay only into safe test targets.
Before installing, confirm you trust the pilotctl environment and only use this skill on event sources, topics, and targets you intend to debug. Avoid wildcard captures unless necessary, replay into test systems by default, and protect or delete any recording files that may contain sensitive payloads.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Replaying to the wrong target could cause test or production systems to react to old events.
The skill instructs the agent to publish recorded events to a target host. This is central to replay functionality, but publishing events can trigger downstream consumers if the target is not isolated.
pilotctl --json publish <target-hostname> "$topic" --data "$data"
Replay only to known test targets unless the user explicitly confirms the destination and expected side effects.
Event recordings may persist private or sensitive payloads after the debugging session.
The workflow records all topics from a source into a local NDJSON file. This is the intended function, but recorded event payloads may contain sensitive data or reusable context.
pilotctl --json subscribe "$SOURCE" "*" --timeout "$DURATION" | \ jq -c '.data.events[]' >> "$RECORDING"
Use narrow topics and short durations where possible, store recordings in an appropriate location, and delete or protect recordings after use.