Back to skill

Security audit

Pilot Chunk Transfer

Security checks across malware telemetry and agentic risk

Overview

This file-transfer skill is openly about sending and reassembling large files, but it overstates key safety guarantees for integrity checking and resume behavior.

Install or use this only after reading the workflow carefully. It sends selected local files and filenames to a pilotctl destination and writes received files under $HOME/.pilot/chunk-recv. Do not rely on the advertised integrity verification or resume capability for sensitive or important transfers until the receive path validates hashes and the resume logic is implemented end to end.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

High
Confidence
98% confidence
Finding
The skill advertises per-chunk integrity verification, but the receive path never checks the advertised hash against the actual received chunk before reassembly. This allows corrupted, tampered, reordered, or substituted chunks to be concatenated into the final file, defeating the stated integrity guarantees and potentially delivering a malicious or unusable artifact.

Description-Behavior Mismatch

Medium
Confidence
89% confidence
Finding
The skill claims resume capability, but only includes an incomplete state-file snippet and does not implement resumed sending or receiving in the actual workflows. Operators may rely on this promise for large transfers and end up with incomplete, duplicated, or inconsistent files after interruptions.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.