Skill v1.0.0

ClawScan security

Pilot Service Agents Data · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 28, 2026, 12:24 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's requirements and runtime instructions are coherent with its stated purpose (querying Pilot Protocol data agents via pilotctl). It does not request unrelated credentials or install code, but it does send user-supplied queries over an overlay network, so avoid including secrets in queries.
Guidance
This skill is internally consistent: it simply tells the agent to use pilotctl to query Pilot Protocol data agents. Before installing, ensure you already run a trusted pilotprotocol daemon and have an authentic pilotctl binary (verify its source). Never include passwords, API keys, or other secrets in queries or filters, because those strings will be transmitted to overlay peers. Be aware that responses may include upstream URLs; inspect them before following. If you do not run Pilot Protocol or do not trust the network or peers on network 9, do not enable this skill.

Review Dimensions

Purpose & Capability
ok: Name/description match the requested artifacts: the skill is an instruction-only wrapper for Pilot Protocol 'data' agents (PubChem, REST Countries) and legitimately requires the pilotctl binary, the pilot-protocol core skill, and a running daemon on the data-exchange network. No unrelated binaries or env vars are requested.
Instruction Scope
note: SKILL.md instructs the agent to run pilotctl send-message and pilotctl inbox to interact with overlay agents. That is within purpose, but these commands transmit whatever filters/queries the user provides onto the overlay network (and agents may return upstream URLs). Do not include secrets or private data in queries because the skill will forward them to peers.
Install Mechanism
ok: Instruction-only skill with no install spec and no code files — lowest install risk. It relies on an existing pilotctl binary; installing/obtaining that binary (outside this skill) is the user's responsibility and should be verified from official sources.
Credentials
ok: No environment variables, credentials, or config paths are requested. The declared requirements (pilotctl, daemon joined to network 9, list-agents reachable) align with the stated function.
Persistence & Privilege
ok: always:false and default invocation settings — the skill does not request forced or persistent privileges, nor does it modify other skills or system-wide settings.