Pilot Service Agents Finance

Security checks across malware telemetry and agentic risk

Overview

This is a read-only public market data skill with a documentation mismatch, but no artifact-backed evidence of hidden access, credential use, destructive behavior, or exfiltration.

Install only if you trust Pilot Protocol and are comfortable querying public finance data through its service-agent network. Do not send private portfolio, brokerage, credential, or account data. Treat the SEC and macroeconomic entries as ambiguous until the publisher aligns the documented exclusions with the listed agents.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 95%
Finding: The manifest forbids SEC company filings use, yet the agent list includes `sec-edgar-full-text`, directly contradicting the declared boundary. This can mislead orchestrators into exposing or invoking a regulated/document-sensitive datasource through an inappropriate skill, undermining tool-selection guardrails and policy enforcement.

Description-Behavior Mismatch

High
Confidence: 95%
Finding: The manifest forbids SEC company filings use, yet the agent list includes `sec-edgar-full-text`, directly contradicting the declared boundary. This can mislead orchestrators into exposing or invoking a regulated/document-sensitive datasource through an inappropriate skill, undermining tool-selection guardrails and policy enforcement.

VirusTotal

60/60 vendors flagged this skill as clean.
