Back to skill

Security audit

Pilot Leader Election

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill uses pilotctl to publish leader-election messages, which is expected for its stated swarm-coordination purpose but should be tested carefully.

Install if you intend to use pilotctl for leader election. Before running the publish examples, use a test registry host and isolated ELECTION_GROUP so you do not accidentally change production swarm leadership or heartbeat state.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill repeatedly demonstrates `pilotctl publish` commands that send election and heartbeat data to a registry or network peer, but it does not clearly warn users that these examples cause external coordination traffic and may influence a live swarm. In an agent skill context, examples are often copied directly into automation, so omission of side-effect warnings can lead to unintended network communication, accidental leader changes, or interference with production coordination state.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.