Back to skill

Security audit

Pilot Event Replay

Security checks across malware telemetry and agentic risk

Overview

This skill is an instruction-only event recording and replay helper, but users should handle captured event payloads carefully.

Install only if you trust the pilotctl environment and understand the event streams involved. Prefer narrow topics over wildcard capture, store recordings in protected locations, delete them when no longer needed, and replay only into isolated test targets unless you have explicit authorization for a live destination.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill explicitly records arbitrary event streams to local NDJSON files and later republishes captured payloads to another target, but it provides no warning about sensitive data capture, retention, replay side effects, or accidental publication into non-test environments. In an event-driven system, recorded events may contain secrets, personal data, tokens, or state-changing messages, so replaying them can leak data, duplicate actions, or trigger unintended downstream behavior.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.