Pilot Penetration Testing Setup

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent penetration-testing setup tool, but it configures persistent agent state and external reporting of sensitive findings without enough user-control safeguards.

Install only if you are deliberately building this pentest agent pipeline. Before enabling the reporter role, confirm Slack/webhook destinations are approved, restrict access, redact exploit evidence where possible, and keep a cleanup plan for `~/.pilot/setups/penetration-testing.json` and any handshakes or installed role skills.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue Agent: Self-Modification, Session Persistence
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Missing User Warnings

Medium
Confidence: 92%
Finding
The README explicitly states that the reporter delivers penetration test findings to external systems via Slack and webhooks, but it provides no warning about sensitive data exposure, recipient trust, redaction, or approval requirements. In a pentesting workflow, reports can contain vulnerability details, evidence, target metadata, and exploit validation results, so silent external forwarding materially increases the risk of unintended disclosure.

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill instructs the agent to create and overwrite a persistent file under `~/.pilot/setups` without an explicit user-facing warning or confirmation step. Persistent local configuration changes can silently alter future agent behavior and may overwrite existing setup state, which is risky even if the purpose is legitimate system configuration.

Missing User Warnings

High
Confidence: 96%
Finding
The reporter role is designed to send pentest findings, including validated proof-of-concept evidence, to external destinations via webhook and Slack, but the skill does not present a clear warning or consent gate for off-host transmission. In a penetration-testing context, these outputs may contain sensitive vulnerability data, target metadata, and exploit evidence, making unintended disclosure especially damaging.

Session Persistence

Medium
Category: Rogue Agent
Content (excerpt from the skill):
```
pilotctl --json set-hostname <prefix>-<role>
```

**Step 4:** Write the setup manifest:
```bash
mkdir -p ~/.pilot/setups
cat > ~/.pilot/setups/penetration-testing.json << 'MANIFEST'
```
Confidence: 88%
Finding
Write the setup manifest: ```bash mkdir -p ~/.pilot/setups cat > ~/.pilot

VirusTotal

66/66 vendors flagged this skill as clean.
