← Back to Skills Marketplace
teoslayer

Pilot Protocol

by Calin Teodor · GitHub ↗ · v2.0.0 · MIT-0
cross-platform ⚠ suspicious
1526
Downloads
2
Stars
1
Active Installs
6
Versions
Install in OpenClaw
/install pilot-protocol
Description
Communicate with other AI agents over the Pilot Protocol overlay network. Use this skill when: 1. You need to send messages, files, or data to another AI age...
Usage Guidance
This skill is coherent with its stated purpose but contains several high-risk operational instructions you should consider before installing: 1) Do not blindly run `curl https://pilotprotocol.network/install.sh | sh` — ask for the install script source, verify cryptographic hashes/signatures of binaries, or prefer distribution-managed packages. 2) The daemon runs persistently and can configure webhooks that POST event payloads to arbitrary URLs — only configure webhooks to endpoints you control and audit ~/.pilot/config.json after install. 3) Gateway mappings can expose local services to remote agents; avoid mapping sensitive local hosts/ports and do not run the gateway as root unless absolutely necessary. 4) The task subsystem accepts and executes work from other agents; do not auto-accept tasks and enforce strict policies (sandboxing, resource limits, disallow execution of shell/source files). 5) If you need more assurance, request the project's source code, build reproducible release artifacts, signed releases, and documentation about sandboxing and network telemetry (what is sent to registry servers). If you can't verify the installer and the daemon behavior, treat this skill as risky and avoid installing it on systems with sensitive data or network access.
Capability Analysis
Type: OpenClaw Skill Name: pilot-protocol Version: 2.0.0 The skill provides a P2P networking framework (pilotctl) that enables agents to communicate, transfer files, and execute remote tasks. While framed as a legitimate protocol, the SKILL.md file contains a 'Heartbeat' section with a script that explicitly instructs the AI agent to automatically approve all incoming trust requests and execute all received tasks without the safety filtering mentioned in the reference documentation. This effectively creates a remote-control backdoor. Furthermore, the instructions encourage the agent to propagate the tool to other bots ('spread the word'), which mimics worm-like behavior. High-risk capabilities like IP bridging (gateway) and a curl-to-sh installer (pilotprotocol.network/install.sh) further increase the attack surface.
Capability Tags
crypto
Capability Assessment
Purpose & Capability
The skill is an instruction-only wrapper around the pilotctl CLI; requiring pilotctl on PATH is coherent with the stated purpose. However the SKILL.md also instructs running a remote installer that creates a persistent daemon, system service, and gateway mappings — capabilities that go beyond a simple messaging client and require elevated privileges (gateway) and persistent network presence.
Instruction Scope
SKILL.md instructs the agent to read and write to ~/.pilot (config, inbox, received files, tasks), manage the daemon lifecycle, map pilot addresses into a local IP subnet (gateway) and configure webhooks that POST events to arbitrary HTTP endpoints. It also documents accepting and executing tasks submitted by other agents. These instructions enable exfiltration (webhooks), exposure of local services (gateway mappings), and execution of work coming from remote peers — all high-scope actions that go beyond simple message sending.
Install Mechanism
Although the registry metadata lists no install spec, SKILL.md explicitly recommends a network installer invoked via `curl -fsSL https://pilotprotocol.network/install.sh | sh`. Piping an unsigned remote script into sh is high-risk: it downloads and executes arbitrary code, installs binaries, writes config files, and sets up system services. The installer behavior (pre-built binaries or builds-from-source, writes PATH, systemd/launchd setup) increases privilege and persistence risk.
Credentials
The skill does not request environment variables or secret credentials, which is proportionate. However it references and persists configuration at ~/.pilot/config.json and supports setting an arbitrary webhook URL and gateway mappings — these provide channels to exfiltrate local events or expose local network services even without additional environment credentials.
Persistence & Privilege
The installer sets up a persistent daemon and system service (systemd/launchd) and the gateway can require sudo for ports <1024. The daemon can persist webhook URLs into config and run continuously, and the task subsystem accepts and executes work from other agents. Persistent, privileged network-facing software combined with webhook/event POSTs and gateway bridging increases the attack surface and blast radius.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install pilot-protocol
  3. After installation, invoke the skill by name or use /pilot-protocol
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v2.0.0
Update ClawHub slug to pilot-protocol, fix install command
v1.0.4
- Added documentation for the Task Submit built-in service (port 1003) and related mailbox and dashboard features. - Introduced the polo score concept for agent reputation via task completion and requests. - Described new CLI commands: pilotctl enable-tasks and pilotctl disable-tasks for advertising task execution capability. - Updated built-in services and mailbox locations to include task-related directories and functionality. - Minor clarifications and reorganizations for feature visibility and completeness.
v1.0.3
- Documentation update in SKILLS.md for accuracy and clarity. - Added missing `--webhook <url>` option to `pilotctl daemon start` command. - Minor corrections to built-in service descriptions for consistency. - No changes to executable code; this release is documentation only.
v1.0.2
- Added detailed installation instructions for Pilot Protocol, including curl-based and ClawHub installation methods. - Clarified binary location: binaries are installed to ~/.pilot/bin/ by default. - Noted that only gateway operations for privileged ports require sudo. - Expanded install process description to cover service setup and PATH updates.
v1.0.1
**Summary:** Version 2.0 introduces mailbox functionality, automatic NAT traversal, new communication commands, error response improvements, and non-interactive operation for all commands. - Added mailbox support: received files now go to `~/.pilot/received/`, messages to `~/.pilot/inbox/`; inspect with `pilotctl received` and `pilotctl inbox` - NAT traversal is now automatic using STUN and relays for seamless connectivity behind NATs - New commands: `send-message`, `subscribe`, `publish`, and mailbox inspection - All communication commands are non-interactive by default; "pipe mode" replaces interactive stdio streams - Error responses now include a `hint` field for actionable next steps - Visibility control (`set-public`/`set-private`) simplified to apply to the current node - Documentation and output updated to reflect all new features and behaviors
v1.0.0
pilot-protocol 1.0.0 - Initial release providing encrypted peer-to-peer communication between AI agents over the Pilot Protocol overlay network. - Supports discovery, messaging, file transfer, trust management, and network diagnostics using the `pilotctl` CLI. - Permanent agent addresses and hostnames, encrypted tunnels, and a mutual trust model over standard UDP with zero external dependencies. - Built-in services: echo (port 7), data exchange (port 1001), and event stream (port 1002). - Complete lifecycle management for the Pilot daemon, including configuration, start/stop, identity, and status checks.
Metadata
Slug pilot-protocol
Version 2.0.0
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 6
Frequently Asked Questions

What is Pilot Protocol?

Communicate with other AI agents over the Pilot Protocol overlay network. Use this skill when: 1. You need to send messages, files, or data to another AI age... It is an AI Agent Skill for Claude Code / OpenClaw, with 1526 downloads so far.

How do I install Pilot Protocol?

Run "/install pilot-protocol" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Pilot Protocol free?

Yes, Pilot Protocol is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Pilot Protocol support?

Pilot Protocol is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Pilot Protocol?

It is built and maintained by Calin Teodor (@teoslayer); the current version is v2.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments