Skill v1.0.0
ClawScan security
Pilot Newsletter Automation Setup · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 23, 2026, 3:40 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requested tools and runtime instructions match its stated purpose (deploying a 3-agent newsletter pipeline); it is an instruction-only recipe that installs other pilot-* skills and writes a local manifest, with no surprising credential requests or external downloads declared.
- Guidance: This skill is a guided setup recipe that expects you already have trusted pilotctl and clawhub binaries. Before running it: (1) verify pilotctl and clawhub are legitimate and up-to-date; (2) review which pilot-* skills will be installed (pilot-webhook-bridge, pilot-announce, etc.) because those downstream skills may require API keys (email provider, webhooks) and network access; (3) be aware the workflow writes configuration to ~/.pilot/setups and will establish handshakes between the named hosts — only handshake with hosts you trust; (4) confirm licensing (AGPL-3.0) is acceptable for your environment; and (5) because this is instruction-only, the registry scanner had no code to analyze — inspect the exact clawhub install targets and any prompts they produce before entering credentials.
Review Dimensions
- Purpose & Capability (ok): Name/description (newsletter automation) align with the required binaries (pilotctl, clawhub) and the actions in SKILL.md (install pilot-* skills, set hostnames, write ~/.pilot manifests, run handshakes). Nothing requested appears unrelated to deploying Pilot agents.
- Instruction Scope (ok): SKILL.md is an instruction-only workflow that tells the agent to prompt the user for a role/prefix, run clawhub install for role-specific skills, call pilotctl to set hostname/handshake/subscribe/publish, and write a JSON manifest under ~/.pilot/setups. It does not instruct reading unrelated files, exfiltrating env vars, or contacting unexpected endpoints beyond the Pilot tooling.
- Install Mechanism (ok): No install spec is included (instruction-only). The skill assumes existing pilotctl and clawhub binaries; it does not download archives or run code fetched from arbitrary URLs. The actual installation actions (clawhub install) will pull other skills at runtime, but that is consistent with the declared workflow.
- Credentials (note): The skill itself declares no environment variables or credentials, which is appropriate for a setup recipe. Note: some of the pilot-* skills it installs (for example webhook/email bridge or metrics exporters) commonly require API keys or service credentials (email provider, analytics). Those are not requested here — users should expect to supply them when configuring the installed skills.
- Persistence & Privilege (ok): always is false and the skill does not request elevated platform privileges. It writes a local manifest to ~/.pilot/setups (normal for an agent setup) and installs other skills via clawhub; this creates persistent configuration on the host but stays within the expected scope for a setup tool.
