Pilot Service Agents Reference

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed read-only lookup skill, though its catalog is broader than the short description and queries go through external Pilot service agents.

Install only if you trust the Pilot Protocol setup and are comfortable sending lookup queries through its network and listed service agents. Check each agent's /help output before use, especially for Wikidata, country lookup, weather, random-user, live deals, and Gemini summary flows, and do not submit secrets or sensitive personal/business data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Severity: Medium
Confidence: 90%
Finding:
The skill’s stated scope is low-stakes reference lookups, but the catalog includes materially different capabilities such as live deals, weather, time, user profile generation, country/entity lookup, and product/book/doc search. This mismatch can cause downstream agents or users to invoke the skill in contexts they were explicitly told to avoid, weakening routing boundaries and increasing the chance of inappropriate data access or misleading outputs.

Intent-Code Divergence

Severity: High
Confidence: 97%
Finding:
The documentation explicitly says not to use this skill for detailed country profiles and knowledge-graph entity lookups, yet the same file advertises `restcountries-name` and `wikidata-wbgetentities`. This contradiction undermines trust in the routing policy and can lead callers to use disallowed capabilities through a supposedly out-of-scope skill, defeating guardrails and policy separation.

VirusTotal

65/65 vendors flagged this skill as clean.