Skill v1.0.0
ClawScan security
Pilot Service Agents Food · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Apr 28, 2026, 2:26 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This instruction-only skill is internally consistent with its stated purpose (food/recipe lookups via Pilot Protocol agents); it only requires the pilotctl binary and a running Pilot Protocol daemon joined to the overlay network.
- Guidance: This skill appears coherent for looking up foods and recipes over the Pilot Protocol. Before installing: ensure the pilotctl binary you use is from a trusted source; run the Pilot Protocol daemon in a controlled environment (or container) if you are concerned about overlay traffic; do not send sensitive or secret data through agent queries (the overlay peers will see requests/URLs); verify that the list-agents directory agent and any discovered agent hostnames are trustworthy. No code is installed by this skill itself, but the daemon/network it requires has network-level implications — treat that as the primary risk vector.
Review Dimensions
- Purpose & Capability (ok): The skill's name/description (food, recipes, nutrition) matches the runtime instructions: all actions are pilotctl send-message / inbox flows against named food/recipe agents. Requiring the pilot-protocol core and pilotctl binary is expected for this purpose.
- Instruction Scope (note): Instructions are narrowly scoped to discovery (list-agents), reading agent contracts (/help), and fetching structured data (/data) via pilotctl. One important operational requirement is that the user run a Pilot Protocol daemon and join network 9 — this gives the skill the ability to send/receive messages on an overlay network. That network-level access is necessary for the skill's function but means messages travel to external peers; avoid sending sensitive secrets through these queries.
- Install Mechanism (ok): No install spec and no code shipped — lowest-risk model. The skill relies on an external binary (pilotctl) already present on PATH; there is no download/install behavior to evaluate.
- Credentials (ok): The skill declares no required environment variables or credentials. It does require the Pilot Protocol daemon and an overlay network connection, which are proportional to interacting with remote service agents and do not imply unrelated credential access.
- Persistence & Privilege (ok): always is false and the skill does not request system-wide configuration changes or persistent privileges. Autonomous invocation (model invocation allowed) is the platform default and not, by itself, a concern here.
