ClawHub

Pilot Log Analytics Setup

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed log-analytics setup guide with expected local configuration and optional external reporting paths, not a malicious skill.

Before installing, review the child skills this setup installs, especially `pilot-webhook-bridge` and `pilot-slack-bridge`. Only use Slack channels or webhook destinations you control, redact secrets and personal data from logs and reports, and check whether `~/.pilot/setups/log-analytics.json` already exists before running the manifest step.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The dashboard role is documented as a visualization/search component, but it is also granted outbound webhook and Slack bridging capabilities that can transmit derived log data outside the local analytics pipeline. In a log analytics context, this increases data exfiltration and privacy risk because reports and alerts may contain sensitive operational details, yet the skill provides no explicit approval gate, destination validation, or data minimization guidance.

Context-Inappropriate Capability

Medium
Confidence
88% confidence
Finding
The dashboard host is assigned skills for webhook forwarding and Slack posting even though the stated purpose is search, visualization, and reporting. This violates least privilege for a visualization node and expands the attack surface by enabling external communications that are not strictly necessary for core dashboard operation.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The README explicitly routes log reports to external dashboards and Slack channels but provides no warning, scoping guidance, or sanitization requirements for potentially sensitive log contents. In a log analytics skill, logs commonly contain secrets, tokens, internal hostnames, stack traces, and user data, so encouraging external forwarding without guardrails materially increases the risk of unintended data disclosure.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill instructs the agent to create and overwrite a persistent configuration file under ~/.pilot/setups without warning the user that local state will be modified. Persistent writes can silently alter future agent behavior, overwrite existing setup definitions, or leave behind configuration that the user did not intend to keep.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill describes forwarding reports to external dashboards and Slack channels but does not warn that log-derived data may leave the local environment. In observability setups, even summaries and alerts can contain sensitive infrastructure names, error details, or incident context, so omission of a privacy warning materially increases the risk of unintentional data disclosure.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal