Back to skill

Security audit

Pilot Swarm Config

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed swarm-configuration helper, but users should treat its registry messages and auto-apply examples carefully.

Install only if you intend to manage shared agent configuration through pilotctl. Use a trusted registry, restrict who can publish to config topics, avoid secrets in config payloads or swarm/agent identifiers, validate incoming config before applying it, and stop the subscriber loop when it is no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill’s examples continuously subscribe to a remote registry, publish status data, and write received configuration directly to /tmp without an explicit warning that local state will be modified and agent metadata will be transmitted. In a swarm-management skill this behavior is expected functionally, but the lack of prominent disclosure and safety guidance increases the chance that users run the commands blindly and expose operational data or alter runtime configuration unintentionally.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.