Pilot Threat Intelligence Setup

Security checks across malware telemetry and agentic risk

Overview

This is a coherent threat-intelligence setup guide, but its distributor role can send threat data to external security systems and should be configured carefully.

Before installing, verify the pilot-* dependencies and the pilotctl/clawhub binaries, test in staging, and only enable distributor publishing after confirming destinations, data classification, approval gates, validation rules, and rollback/audit procedures.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 94%
Finding
The skill explicitly defines outbound publication of threat data to external security infrastructure over port 443, but it does not require user confirmation, describe what data may leave the system, or warn about privacy, integrity, and destination trust implications. In a threat-intelligence workflow, indicators, verdicts, and enrichment context can contain sensitive operational data, so silent external transmission increases the risk of unintended disclosure or poisoning downstream systems.

VirusTotal

66/66 vendors flagged this skill as clean.
