Back to skill

Security audit

Pilot Role Assign

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Pilot Protocol role-management guide, with expected network messaging that users should run only in trusted swarms.

Install this only if you use Pilot Protocol and trust the target registry and peers. Treat agent IDs, addresses, capabilities, and role assignments as operational metadata; minimize what you publish and prefer authenticated, encrypted, access-controlled channels.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill instructs agents to publish capabilities, roles, agent identifiers, and coordinator metadata over the network without any warning about data sensitivity, trust boundaries, or authentication requirements. In a swarm/coordination context, this can expose internal topology and capabilities to unintended recipients and enable spoofed role-assignment or reconnaissance if the registry or messaging fabric is not properly secured.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.