Back to skill

Security audit

Pilot A2a Bridge

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill exposes networked agent messaging as advertised, with no hidden install scripts or unrelated behavior, but users should validate remote messages before acting on them.

Install only if you trust pilotctl, the Pilot daemon, and the remote agents you connect to. Treat all incoming messages as untrusted: validate sender identity, message type, payload schema, and size before taking actions, and avoid sending secrets unless your deployment policy permits it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The skill documents sending arbitrary JSON payloads to remote agents over a network bridge without any warning, validation guidance, trust-boundary discussion, or examples of safe handling. In this context, the skill is explicitly designed for cross-network agent messaging, so normalizing opaque remote payload delivery increases the risk that downstream agents will process untrusted data unsafely or leak sensitive information.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.