← 返回 Skills 市场
Pilot Blocklist
作者
Calin Teodor
· GitHub ↗
· v1.0.0
· MIT-0
95
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install pilot-blocklist
功能描述
Maintain and share blocklists of untrusted agents in Pilot Protocol networks. Use this skill when: 1. You need to block malicious or compromised agents from...
安全使用建议
This skill appears to implement a local blocklist workflow for Pilot Protocol using pilotctl and shell/jq commands, but it has a couple of issues you should consider before installing:
- Missing declared dependency: The examples use jq but the skill metadata does not declare jq as a required binary. Ensure jq is installed from a trusted package source before using the recipes.
- Unimplemented feature claim: The description promises 'sharing and synchronization across networks' but the SKILL.md contains no commands or instructions to share blocklists remotely. If you need sync, ask the author or implement a secure push/pull mechanism (e.g., signed manifests over authenticated channels).
- File writes and effect on network: The scripts write to ~/.pilot/blocklists/default.json and call pilotctl untrust/reject which will change agent connectivity. Backup your blocklist and test in a safe environment to avoid accidentally blocking legitimate nodes.
- Trust pilotctl provenance: Because the skill invokes pilotctl with node-management commands, make sure your pilotctl binary is from a trusted source and that the pilot daemon is properly secured.
Given these inconsistencies the skill is not clearly malicious, but it is incomplete/sloppy. Ask the maintainer to (1) declare jq in required binaries, (2) either remove the 'sharing' claim or add secure sharing instructions, and (3) provide a source repo for review. If you proceed, review the shell commands line-by-line and run them in a controlled environment first.
功能分析
Type: OpenClaw Skill
Name: pilot-blocklist
Version: 1.0.0
The pilot-blocklist skill provides standard administrative tools for managing agent blocklists within the Pilot Protocol ecosystem. It uses the 'pilotctl' binary and 'jq' to maintain a local JSON database in ~/.pilot/blocklists/ and perform network management tasks such as untrusting and rejecting nodes based on reputation scores. No evidence of malicious intent, data exfiltration, or unauthorized execution was found.
能力评估
Purpose & Capability
The skill's stated purpose is to maintain and share blocklists across Pilot Protocol networks — requiring pilotctl and a running daemon is coherent. However, the SKILL.md repeatedly claims support for 'sharing and synchronization across networks' but provides no instructions, commands, or configuration for sharing or synchronizing blocklists to other nodes or endpoints. That feature claim is not implemented in the instructions.
Instruction Scope
Runtime instructions are concrete and scoped to the user's Pilot installation: they create and modify ~/.pilot/blocklists/default.json, call pilotctl to find/untrust/reject node IDs, and use jq/grep/mv in shell scripts. The actions are limited to Pilot-related commands and local files. However, the SKILL.md uses jq in every example but the registry metadata/allowed-tools did not declare jq as a required binary — a mismatch that could lead to runtime failures or implicit installs. The skill writes into the user's home (~/.pilot) and /tmp which is expected but worth noting.
Install Mechanism
This is an instruction-only skill with no install spec and no code files. That reduces installation risk because nothing is downloaded or written by the skill package itself.
Credentials
The skill does not request environment variables or credentials, which is proportionate for a local blocklist manager. One small issue: the SKILL.md depends on the external tool jq (and implicitly on standard Unix utilities) but jq is not listed in the skill's declared required binaries; that inconsistency should be corrected. No secrets or unrelated credentials are requested.
Persistence & Privilege
always is false and the skill does not request persistent platform privileges. It does instruct the agent to modify local blocklist files and to call pilotctl to change trust state (untrust/reject), which are normal for the stated purpose. There's no instruction to alter other skills or system-wide agent settings.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install pilot-blocklist - 安装完成后,直接呼叫该 Skill 的名称或使用
/pilot-blocklist触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release
元数据
常见问题
Pilot Blocklist 是什么?
Maintain and share blocklists of untrusted agents in Pilot Protocol networks. Use this skill when: 1. You need to block malicious or compromised agents from... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 95 次。
如何安装 Pilot Blocklist?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install pilot-blocklist」即可一键安装,无需额外配置。
Pilot Blocklist 是免费的吗?
是的,Pilot Blocklist 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Pilot Blocklist 支持哪些平台?
Pilot Blocklist 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Pilot Blocklist?
由 Calin Teodor(@teoslayer)开发并维护,当前版本 v1.0.0。
推荐 Skills