Pilot Sla
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a disclosed Bash/pilotctl SLA-monitoring workflow with no artifact-backed malicious behavior, but users should review task submission, external dependencies, and the unproven automatic-penalty claim.
Before installing or using it, make sure pilotctl and the Pilot daemon are trusted, set $AGENT explicitly, review any Bash workflow before execution, and do not assume automatic financial or operational penalties are enforced unless that mechanism is documented elsewhere.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If run with the wrong $AGENT or task string, the workflow could submit unintended Pilot tasks.
The skill explicitly enables Bash and documents a workflow that can submit tasks through pilotctl. This is expected for SLA testing, but it is still action-taking authority that should be user-reviewed.
allowed-tools:
  - Bash
... TASK_ID=$(pilotctl --json task submit "$AGENT" --task "api-call: task_id=$i" | jq -r '.task_id')
Confirm the target agent and task text before running examples, and avoid unattended loops unless the target and permissions are clear.
Security depends partly on the separately installed pilotctl, Pilot daemon, jq, and bc components.
The skill relies on external binaries, another skill, and a daemon whose code and installation path are not included in the reviewed artifact.
Requires pilot-protocol skill and pilotctl binary on PATH. The daemon must be running (pilotctl daemon start). ... Requires pilot-protocol, pilotctl, jq, and bc.
Install these tools only from trusted sources, verify versions, and ensure the registry metadata declares all required binaries.
Users could over-rely on the skill for guaranteed penalty enforcement when the provided instructions only demonstrate monitoring/reporting.
The description suggests automatic penalty assessment/enforcement, while the shown workflow only reports a violation and does not show applying penalties.
Service-level agreement enforcement with automatic penalty assessment. ... [ $RESPONSE_TIME -gt $SLA_MAX ] && echo "SLA violation"
Treat this as an SLA monitoring example unless a separate, reviewed Pilot Protocol component clearly documents how penalties are applied, audited, and reversed.
