Skill v1.0.0

ClawScan security

Pilot Mcp Bridge Fleet Setup · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 23, 2026, 2:38 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requests and runtime instructions are coherent with its stated purpose (setting up a 3-node Pilot MCP/A2A bridge fleet); nothing appears disproportionate or deceptive.
Guidance
This skill appears to do what it says: it will call 'clawhub' to install multiple Pilot skills, set hostnames with 'pilotctl', write a manifest to ~/.pilot/setups/, and perform network handshakes on the Pilot network. Before installing: (1) ensure you trust the Pilot ecosystem and the skill author; (2) confirm pilotctl and clawhub are legitimate binaries on your system and on PATH; (3) be prepared that the skill will install other skills and write config under your home directory; (4) if you do not want automatic changes, run the documented commands manually rather than allowing autonomous execution by the agent.

Review Dimensions

Purpose & Capability
ok: The skill declares and uses pilotctl and clawhub, installs Pilot-related skills, and configures three roles (mcp-gateway, a2a-bridge, tool-registry). Those requirements match the described goal of deploying a Pilot bridge fleet.
Instruction Scope
note: Runtime instructions are focused on installing skills, setting hostnames, writing a manifest, and performing Pilot handshakes, all within the setup scope. Minor inconsistency: SKILL.md instructs writing the manifest to ~/.pilot/setups/mcp-bridge-fleet.json, but the metadata lists no required config paths; this is a low-risk documentation mismatch rather than malicious behavior.
Install Mechanism
ok: This is an instruction-only skill with no install spec or code files, so nothing is downloaded or written by the skill itself. The actual installs are delegated to the system binary 'clawhub' as documented.
Credentials
ok: No environment variables or credentials are requested. The skill only requires the two Pilot binaries and a running Pilot daemon, which is proportional for configuring a networked Pilot fleet.
Persistence & Privilege
note: always:false (normal). Be aware the skill's instructions will run system-level commands (clawhub installs, pilotctl handshakes, and writing a manifest). If the agent is allowed to invoke skills autonomously, it could execute these actions without further confirmation; this is an expected platform capability but worth noting.