Skillv1.0.0

ClawScan security

Pilot Scientific Research Team Setup · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignApr 23, 2026, 5:44 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's requests and instructions are coherent with its stated purpose: it relies on pilotctl and clawhub to install and wire up four agents, writes a local manifest, and instructs users to perform peer handshakes and publishing; nothing requested appears unrelated or excessive.
Guidance: This skill appears internally consistent with its goal of wiring a 4-agent research pipeline. Before installing or running it, verify the trustworthiness of the external tools it calls (pilotctl and clawhub) and the pilot-* skills they will install, because this instruction-only skill delegates actual behavior to those binaries. Be aware it will: (1) install additional skills via clawhub, (2) write a manifest to ~/.pilot/setups/, and (3) establish network handshakes and publish messages between agents (including publishing to external endpoints from the report agent). Recommended precautions: run in an isolated environment or VM, audit the pilotctl/clawhub binaries and the pilot-* skills they install, confirm desired firewall rules (e.g., control port 1002 and outbound 443), and make sure you understand what data the report agent is allowed to publish externally. If you want higher assurance, provide the contents or provenance (official repos/releases) for pilotctl, clawhub, and the listed pilot-* skills for further review.

Review Dimensions

Purpose & Capability: okName/description (deploy a 4-agent research pipeline) matches the requirements and instructions: it requires pilotctl and clawhub, which are used throughout the SKILL.md to install skills, set hostnames, handshake peers, and publish messages. No unrelated credentials, binaries, or config paths are requested.
Instruction Scope: noteInstructions explicitly tell the agent to run clawhub install and pilotctl commands, set hostnames, and write a manifest to ~/.pilot/setups/scientific-research-team.json. These actions are consistent with setup but will create local config and establish network connections (handshakes and publish commands). Users should be aware data will be transmitted between agents and the report agent can push to external endpoints (port 443).
Install Mechanism: okThis is an instruction-only skill with no install spec or bundled code. It relies on existing binaries (pilotctl, clawhub). That is the lowest install risk for the skill itself, but actual risk depends on the provenance and behavior of those external binaries.
Credentials: okNo environment variables or credentials are requested. The single config path used (~/.pilot/...) is scoped to the tool's configuration and is proportional to a deployment/setup skill.
Persistence & Privilege: notealways is false and the skill does not request system-wide privileges. It does instruct writing a manifest under the user's home (~/.pilot) and installing other pilot-* skills via clawhub, which will change the agent environment. This is expected for setup but means the agent environment will be modified.