Pilot Load Balancer

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This instruction-only skill matches its stated purpose of sending task assignments to Pilot worker agents, with a few setup and trust-boundary considerations.

Install this only if you already use Pilot Protocol and trust the worker agents it will target. Verify the worker search tags before dispatching tasks, confirm pilotctl, jq, uuidgen, and the Pilot daemon are set up from trusted sources, and consider changing the /tmp state file to a safer per-user location.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI07: Insecure Inter-Agent Communication
Low
What this means

Tasks may be delegated to whichever workers match the peer search, so misconfigured or untrusted workers could receive work assignments.

Why it was flagged

The skill sends task-assignment messages to worker agents discovered through Pilot; this is central to its purpose but creates an inter-agent trust boundary.

Skill content

pilotctl --json send-message "$NEXT_WORKER" --data "{\"type\":\"task_assignment\",\"task_id\":\"$TASK_ID\"}"

Recommendation

Use this only with a trusted Pilot worker pool and verify peer tags, daemon configuration, and message contents before bulk dispatching tasks.

ASI06: Memory and Context Poisoning
Low
What this means

Incorrect or manipulated local state could route tasks to the wrong worker or disrupt balancing.

Why it was flagged

The round-robin example reuses a predictable temporary file as persistent routing state, which could be stale, collide with other runs, or be tampered with locally.

Skill content

ROBIN_INDEX=$(cat /tmp/load-balancer-index.txt 2>/dev/null || echo 0) ... > /tmp/load-balancer-index.txt

Recommendation

Prefer a per-user, skill-owned state path with restricted permissions and validate that the stored index is numeric and in range.

ASI04: Agentic Supply Chain Vulnerabilities
Info
What this means

The skill may fail or behave differently if jq, uuidgen, or the pilot-protocol skill are missing or not the expected versions.

Why it was flagged

SKILL.md documents dependencies beyond the registry's declared pilotctl binary requirement, which may cause incomplete setup or reliance on undeclared local tools.

Skill content

Requires pilot-protocol skill, jq, and uuidgen.

Recommendation

Confirm all documented dependencies are installed from trusted sources before using the skill.