teoslayer

Pilot Model Share

Author: Calin Teodor · GitHub · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
Total downloads: 91
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install pilot-model-share
Description
Distribute ML model files with model card metadata and version tracking over Pilot Protocol. Use this skill when: 1. You need to share PyTorch, ONNX, or Safe...
Security usage recommendations
This skill appears to do what it says, but check a few practical things before installing:
  1. Ensure the pilotctl daemon and peers are trusted (pilotctl likely has its own keys/config; verify where they are stored and who can access them).
  2. The SKILL.md uses jq and md5sum but the registry only declared pilotctl; confirm jq and a hashing tool are available on the agent.
  3. Replace MD5 with a stronger hash (SHA-256 or an authenticated signature) if you need robust integrity guarantees, since MD5 is weak against collisions.
  4. Be aware you are transmitting model files (which may contain proprietary or sensitive info); only share with authorized peers.
  5. If you need to audit or restrict network/file access, test the workflow in a sandbox first.
  6. If you will rely on this skill long-term, ask the publisher to update metadata to list jq and the hashing tool and to clarify any pilotctl authentication requirements.
Functional analysis
Type: OpenClaw Skill
Name: pilot-model-share
Version: 1.0.0
The skill provides a legitimate-looking interface for sharing ML models using the 'pilotctl' utility. However, it is classified as suspicious due to a shell injection vulnerability in the bash workflow example within SKILL.md, where the '$model_name' variable is unsafely interpolated into a JSON string passed to a shell command. While no clear evidence of intentional malice or data exfiltration was found, this flaw could be exploited if an attacker controls the model name.
Capability assessment
Purpose & Capability
Name and description match the runtime instructions: the SKILL.md shows commands to publish availability, request models, send model metadata and files over pilotctl, which is exactly model sharing/versioning functionality.
Instruction Scope
Instructions are narrowly scoped to publishing messages, sending files, and verifying checksums. They reference jq and md5sum and expect access to local model files and pilotctl's inbox. No instructions attempt to read unrelated system files or extra environment variables, but the doc uses md5sum (a weak checksum) and jq even though those are not declared in the registry metadata.
Install Mechanism
This is an instruction-only skill with no install spec or code files, so nothing is downloaded or written to disk by the skill itself.
Credentials
No environment variables or credentials are requested in the registry metadata. The workflow expects access to local files and to pilotctl/its daemon (network/peer access), which is proportionate for a model-sharing skill. Note: pilotctl may itself rely on persistent keys/config stored elsewhere — the skill does not declare or explain those.
Persistence & Privilege
always is false and the skill is user-invocable. It does not request permanent presence or attempt to modify other skills or system-wide settings.
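How to use
  1. Make sure OpenClaw is installed (local or Docker deployment)
  2. Enter the install command in the chat box: /install pilot-model-share
  3. Once installation completes, call the Skill by name or trigger it with /pilot-model-share
  4. Provide the required inputs according to the Skill's parameter description to get structured output
Version history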
v1.0.0
Initial release
Metadata
Slug: pilot-model-share
Version: 1.0.0
License: MIT-0
Total installs: 0
Current installs: 0
Historical versions: 1
FAQ

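What is Pilot Model Share?

Distribute ML model files with model card metadata and version tracking over Pilot Protocol. Use this skill when: 1. You need to share PyTorch, ONNX, or Safe... It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 91 cumulative downloads to date.

How do I install Pilot Model Share?

Run the command "/install pilot-model-share" in the OpenClaw or Claude Code chat box for a one-click install; no additional configuration is required.

Is Pilot Model Share free?

Yes, Pilot Model Share is completely free. It is released under the MIT-0 license and can be freely downloaded, installed, and used.

Which platforms does Pilot Model Share support?

Pilot Model Share runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Pilot Model Share?

Developed and maintained by Calin Teodor (@teoslayer); the current version is v1.0.0.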
