Pilot Trust Circle

Security checks across malware telemetry and agentic risk

Overview

This skill matches its trust-circle purpose, but it automates durable agent-trust approvals with weak identity checks and little user confirmation.

Review this skill before installing if your Pilot agents can access sensitive workspaces or services. Use it only when you intentionally want circle members to gain mutual trust; verify each agent by a stable identity or fingerprint before approval; and avoid the bootstrap approval snippet unless hostname membership is backed by a trusted identity process and you have a way to revoke mistakes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium severity, 95% confidence
Finding
The examples both modify persistent local trust-circle configuration and perform live trust operations, including handshakes and approvals, without any explicit warning or confirmation step. In a security-sensitive trust-management skill, this can cause users or agents to grant durable mutual trust to unintended peers, expanding the trusted set and enabling unauthorized access or lateral movement.

Missing User Warnings

High severity, 98% confidence
Finding
The bootstrap workflow enumerates pending requests and automatically approves any whose hostname matches the circle file, with no independent identity verification, user confirmation, or warning. Because trust approval is the core security boundary here, automating approval based only on hostname membership is especially dangerous and could allow spoofed or mistaken identities to be granted trust across the circle.

VirusTotal

65/65 vendors flagged this skill as clean.