Pilot Social Media Manager Setup

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed setup guide for connecting three social media workflow agents, with expected local configuration changes.

Install only on hosts you intend to join to this Pilot social media workflow. Use a simple trusted prefix, understand that ~/.pilot setup state and the Pilot hostname will persist, and review the installed pilot-* skills before giving them social media account access or automation authority.

SkillSpector

By NVIDIA

Vulnerability Patterns

Rogue AgentSelf-Modification, Session Persistence
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Session Persistence

Medium

Category: Rogue Agent
Content: pilotctl --json set-hostname <prefix>-<role> ``` **Step 4:** Write the setup manifest: ```bash mkdir -p ~/.pilot/setups cat > ~/.pilot/setups/social-media-manager.json << 'MANIFEST'
Confidence: 93% confidence
Finding: Write the setup manifest: ```bash mkdir -p ~/.pilot/setups cat > ~/.pilot

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal