← 返回 Skills 市场
Pilot Certificate
作者
Calin Teodor
· GitHub ↗
· v1.0.0
· MIT-0
89
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install pilot-certificate
功能描述
Issue and verify Ed25519-signed capability certificates for Pilot Protocol agents. Use this skill when: 1. You need to issue capability proofs or authorizati...
安全使用建议
The skill claims cryptographic (Ed25519) issuance and verification but the provided runtime steps never sign certificates or verify signatures — they only create and transmit JSON files and check expiry/capability entries. Before installing or using this skill, ask the author how and where signing happens (which private key, what pilotctl command performs signing), and request explicit verification steps that validate signatures rather than just timestamps or JSON contents. Also: avoid issuing 'admin' capabilities with unsigned artifacts; test in an isolated environment; confirm pilotctl and pilot-protocol daemon behavior from the official documentation; and verify the authenticity of the pilotctl binary you run.
功能分析
Type: OpenClaw Skill
Name: pilot-certificate
Version: 1.0.0
The skill provides standard functionality for managing capability certificates within the Pilot Protocol ecosystem. It uses Bash, openssl, and jq to generate, send, and verify JSON-based certificates stored in the user's home directory (~/.pilot/). There is no evidence of data exfiltration, malicious execution, or prompt injection; the code logic is transparent and strictly follows the stated purpose of the skill (SKILL.md).
能力评估
Purpose & Capability
The name/description state Ed25519-signed capability certificates, but the SKILL.md only writes unsigned JSON certificate files and never performs signing or signature verification. The declared requirements (pilotctl, pilot-protocol, openssl, jq) are plausible for the stated purpose, but the critical cryptographic steps are missing or undocumented.
Instruction Scope
Instructions instruct the agent to create JSON files under ~/.pilot/certificates, send them with pilotctl, and verify expiry/capabilities using jq/date. There is no step that references private keys, signing commands (e.g., explicit ed25519 sign), or signature verification. Verification only checks timestamps and presence of capabilities, not cryptographic integrity—this is scope creep versus the advertised crypto guarantees.
Install Mechanism
This is an instruction-only skill with no install spec or code files. No downloads or archive extraction occur, so install risk is low.
Credentials
The skill requests no environment variables or external credentials. It writes files to ~/.pilot which is consistent with a pilot client workflow. However, the lack of any private-key handling is notable given the stated need for signing.
Persistence & Privilege
No special persistence privileges are requested (always:false). The skill operates on user-home paths and requires the pilotctl daemon to be running; it does not request system-wide changes or other skills' config.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install pilot-certificate - 安装完成后,直接呼叫该 Skill 的名称或使用
/pilot-certificate触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release
元数据
常见问题
Pilot Certificate 是什么?
Issue and verify Ed25519-signed capability certificates for Pilot Protocol agents. Use this skill when: 1. You need to issue capability proofs or authorizati... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 89 次。
如何安装 Pilot Certificate?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install pilot-certificate」即可一键安装,无需额外配置。
Pilot Certificate 是免费的吗?
是的,Pilot Certificate 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Pilot Certificate 支持哪些平台?
Pilot Certificate 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Pilot Certificate?
由 Calin Teodor(@teoslayer)开发并维护,当前版本 v1.0.0。
推荐 Skills