Back to skill

Security audit

Pilot Auto Trust

Security checks across malware telemetry and agentic risk

Overview

This skill matches its stated purpose, but it automates security-sensitive trust approvals and rejections in bulk without enough review controls.

Install or use this only if you intentionally want automated Pilot trust decisions. Before running approve or reject pipelines, list pending requests first, confirm the active Pilot daemon/profile, prefer verified allowlists or cryptographic identity checks over score/hostname/network heuristics alone, and know how to revoke or audit trust changes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This skill provides ready-to-run commands and a workflow that automatically approves or rejects trust relationships based on coarse indicators such as polo score, network prefix, or hostname pattern, without requiring an explicit confirmation step or prominently warning that these actions permanently change trust state. In a trust-management context, this is dangerous because metadata like hostname, address class, or reputation score can be spoofed or misinterpreted, causing unauthorized agents to be trusted at scale or legitimate agents to be rejected automatically.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.