Back to skill

Security audit

Pilot Health

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only Pilot Protocol health-check skill whose documented network inspection commands are disclosed and fit its monitoring purpose.

Install only if you already use and trust Pilot Protocol and pilotctl. Run the peer and connection checks only on networks and agents you are authorized to inspect, since they may reveal internal topology and recent contact metadata.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The skill metadata explicitly says it should not be used to discover new agents, yet it documents `pilotctl --json peers`, which enumerates known agents and last-contact metadata. This creates a scope/intent mismatch that can enable unauthorized inventorying or reconnaissance by users who rely on the manifest restrictions for safety boundaries.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.