Security audit

Pilot Receipt

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill is coherent with its stated purpose of Pilot Protocol read receipts, but users should be careful with the inbox-clearing command.

Install only if you already trust the separate pilotctl binary and Pilot Protocol daemon. Read receipts intentionally reduce privacy by recording delivery or read status, and avoid using `inbox --clear` unless you are sure the inbox contents have been processed or archived.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill presents `pilotctl --json inbox --clear` as a normal follow-up action immediately after checking the inbox, but does not warn that it deletes received messages. In a messaging/audit-trail context, this can cause accidental destruction of evidence, loss of unread messages, or operational confusion if a user copies commands verbatim.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.