← Back to Skills Marketplace
Pilot Blocklist
by
Calin Teodor
· GitHub ↗
· v1.0.0
· MIT-0
95
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install pilot-blocklist
Description
Maintain and share blocklists of untrusted agents in Pilot Protocol networks. Use this skill when: 1. You need to block malicious or compromised agents from...
Usage Guidance
This skill appears to implement a local blocklist workflow for Pilot Protocol using pilotctl and shell/jq commands, but it has a couple of issues you should consider before installing:
- Missing declared dependency: The examples use jq but the skill metadata does not declare jq as a required binary. Ensure jq is installed from a trusted package source before using the recipes.
- Unimplemented feature claim: The description promises 'sharing and synchronization across networks' but the SKILL.md contains no commands or instructions to share blocklists remotely. If you need sync, ask the author or implement a secure push/pull mechanism (e.g., signed manifests over authenticated channels).
- File writes and effect on network: The scripts write to ~/.pilot/blocklists/default.json and call pilotctl untrust/reject which will change agent connectivity. Backup your blocklist and test in a safe environment to avoid accidentally blocking legitimate nodes.
- Trust pilotctl provenance: Because the skill invokes pilotctl with node-management commands, make sure your pilotctl binary is from a trusted source and that the pilot daemon is properly secured.
Given these inconsistencies the skill is not clearly malicious, but it is incomplete/sloppy. Ask the maintainer to (1) declare jq in required binaries, (2) either remove the 'sharing' claim or add secure sharing instructions, and (3) provide a source repo for review. If you proceed, review the shell commands line-by-line and run them in a controlled environment first.
Capability Analysis
Type: OpenClaw Skill
Name: pilot-blocklist
Version: 1.0.0
The pilot-blocklist skill provides standard administrative tools for managing agent blocklists within the Pilot Protocol ecosystem. It uses the 'pilotctl' binary and 'jq' to maintain a local JSON database in ~/.pilot/blocklists/ and perform network management tasks such as untrusting and rejecting nodes based on reputation scores. No evidence of malicious intent, data exfiltration, or unauthorized execution was found.
Capability Assessment
Purpose & Capability
The skill's stated purpose is to maintain and share blocklists across Pilot Protocol networks — requiring pilotctl and a running daemon is coherent. However, the SKILL.md repeatedly claims support for 'sharing and synchronization across networks' but provides no instructions, commands, or configuration for sharing or synchronizing blocklists to other nodes or endpoints. That feature claim is not implemented in the instructions.
Instruction Scope
Runtime instructions are concrete and scoped to the user's Pilot installation: they create and modify ~/.pilot/blocklists/default.json, call pilotctl to find/untrust/reject node IDs, and use jq/grep/mv in shell scripts. The actions are limited to Pilot-related commands and local files. However, the SKILL.md uses jq in every example but the registry metadata/allowed-tools did not declare jq as a required binary — a mismatch that could lead to runtime failures or implicit installs. The skill writes into the user's home (~/.pilot) and /tmp which is expected but worth noting.
Install Mechanism
This is an instruction-only skill with no install spec and no code files. That reduces installation risk because nothing is downloaded or written by the skill package itself.
Credentials
The skill does not request environment variables or credentials, which is proportionate for a local blocklist manager. One small issue: the SKILL.md depends on the external tool jq (and implicitly on standard Unix utilities) but jq is not listed in the skill's declared required binaries; that inconsistency should be corrected. No secrets or unrelated credentials are requested.
Persistence & Privilege
always is false and the skill does not request persistent platform privileges. It does instruct the agent to modify local blocklist files and to call pilotctl to change trust state (untrust/reject), which are normal for the stated purpose. There's no instruction to alter other skills or system-wide agent settings.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install pilot-blocklist - After installation, invoke the skill by name or use
/pilot-blocklist - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release
Metadata
Frequently Asked Questions
What is Pilot Blocklist?
Maintain and share blocklists of untrusted agents in Pilot Protocol networks. Use this skill when: 1. You need to block malicious or compromised agents from... It is an AI Agent Skill for Claude Code / OpenClaw, with 95 downloads so far.
How do I install Pilot Blocklist?
Run "/install pilot-blocklist" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Pilot Blocklist free?
Yes, Pilot Blocklist is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Pilot Blocklist support?
Pilot Blocklist is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Pilot Blocklist?
It is built and maintained by Calin Teodor (@teoslayer); the current version is v1.0.0.
More Skills