Skill v1.0.0

ClawScan security

Pilot Service Agents News · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 28, 2026, 4:29 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's declared purpose (aggregating public news/feeds via Pilot Protocol) matches its requirements and runtime instructions — it only needs pilotctl and a running Pilot daemon and does not request unrelated credentials or perform unrelated actions.
Guidance
This skill appears coherent and limited to querying Pilot Protocol news agents. Before installing: (1) ensure pilotctl is obtained from a trusted source and you understand the Pilot daemon/network join process; (2) be aware that agent responses may include upstream external URLs (clicking/following them may expose you to malicious content); (3) if you run the Pilot daemon, confirm you're comfortable joining network 9 and the privacy/trust model of the Pilot overlay. If any of those network/trust assumptions are unacceptable, avoid installing or run in a sandboxed environment.

Review Dimensions

Purpose & Capability
ok: Name/description (news feeds, HN, Reddit, GDELT, USGS, etc.) aligns with the runtime requirements: pilotctl on PATH, the pilot-protocol/pilot-service-agents skills, and a daemon joined to network 9. No extraneous binaries, env vars, or config paths are requested.
Instruction Scope
ok: SKILL.md only instructs the agent to use pilotctl to discover agents (list-agents), read agent contracts (/help), request structured data (/data) and summaries (/summary), and poll the inbox. It does not direct the agent to read unrelated files, environment variables, or system config. Note: agent responses include upstream URLs returned by the networked sources (expected for a feed aggregator).
Install Mechanism
ok: Instruction-only skill with no install spec and no bundled code — lowest-risk installation footprint. The only external dependency is the pilotctl binary, which must already be present.
Credentials
ok: No environment variables, credentials, or config paths are required. The absence of requested secrets is proportional to the described function.
Persistence & Privilege
ok: always:false (not force-included). disable-model-invocation is default false (agent may invoke the skill autonomously) — this is standard for skills and not concerning by itself because the skill does not request broad credentials or system access.