Skill v1.0.0

ClawScan security

Pilot Service Agents · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 28, 2026, 6:45 AM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's requirements and runtime instructions are internally consistent with its stated purpose (discovering and querying Pilot Protocol service agents) and do not request unrelated credentials or installs.
Guidance
This skill appears to do what it says: it discovers and queries agents over the Pilot overlay using the pilotctl CLI. Before installing, verify the source of the pilotctl binary and the Pilot Protocol daemon you will join (trustworthiness of that network matters). Do not send sensitive secrets, PII, or credentials through queries — responses are provided by third-party agents outside your local environment. Be aware that some agents are labeled premium (may incur costs) and that data you send will be transmitted to remote agents and cached by them. If you need stronger isolation, run pilotctl and the daemon in a sandboxed environment or review network 9’s operator/policy information first.

Review Dimensions

Purpose & Capability
ok: Name/description claim to discover/query Pilot Protocol agents and the skill only requires the pilotctl CLI and a running Pilot daemon joined to network 9 — which is proportionate and expected for this purpose.
Instruction Scope
note: SKILL.md instructs the agent to run pilotctl commands that send messages to third-party overlay agents and read the local inbox; this is coherent with the skill's purpose but does transmit user queries to remote agents and consumes their responses. Avoid sending secrets or sensitive content to these remote agents; the skill does not request such data explicitly.
Install Mechanism
ok: Instruction-only skill with no install spec and a single binary dependency (pilotctl). No downloads or third-party package installs are performed by the skill itself.
Credentials
ok: No environment variables, credentials, or config paths are required. The absence of requested secrets is consistent with the read/discover/invoke model described.
Persistence & Privilege
ok: Skill is not always-on and does not request elevated persistence. It uses the normal autonomous-invocation default but does not require modifying other skills or system-wide config.