📦 Pilot Service Agents Security — Pilot 服务代理s Security

v1.0.0

Security and threat-intel lookups — CVEs, certificate transparency, URL/IP threat 检查s, DNS, WHOIS. Use this 技能 when: 1. Looking up a CVE (NVD, MITRE CV...

0· 0·0 当前·0 累计

by @teoslayer (Calin Teodor)

安全加密

下载技能包

安全扫描

VirusTotal

无害

查看报告

OpenClaw

安全

high confidence

The 技能 is an instruction-only adapter that issues read-only threat-intel queries through the pilotctl/pilot-protocol 代理 network and its requirements and instructions align with its 状态d purpose.

评估建议

This 技能应用ears internally consistent, but before 安装ing: (1) 验证 the origin and integrity of the pilotctl binary and the pilot-protocol/pilot-服务-代理s 技能s you will 运行, (2) be aware queries are submitted to an overlay network and up流代理s may fetch or 记录 queried identifiers/URLs (avoid 发送ing sensitive secrets), (3) use /help and 列出-代理s first to inspect 代理 contracts, and (4) test with non-sensitive queries to confirm behavior. Autonomous invocation is allowed by default — if you want stricter control, ...

详细分析 ▾

✓ 用途与能力

Name/description (CVE, CT, WHOIS, URL/IP 检查s) match the declared requirement for pilotctl, pilot-protocol, and a 运行ning daemon on the overlay; 请求ing pilotctl and the pilot-服务-代理s core is coherent for this function.

✓ 指令范围

技能.md only instructs using pilotctl to 发送 /help, /data, /summary and to read the inbox; it does not 请求 unrelated files, 凭证s, or 系统 paths and explicitly 状态s read-only lookups (no active 扫描ning).

✓ 安装机制

Instruction-only 技能 with no 安装 spec and no code files — nothing is written to disk by the 技能 itself; this is the lowest-risk 安装性能分析.

✓ 凭证需求

No 环境 variables, 凭证s, or config paths are 请求ed; the declared binary dependency (pilotctl) is 应用ropriate for the 技能's scope.

✓ 持久化与权限

always is false and 模型 invocation is allowed (平台 default). The 技能 does not 请求 permanent elevated presence or modify other 技能s' configs.

安全有层次，运行前请审查代码。

运行时依赖

无特殊依赖

安装命令

点击复制

官方npx clawhub@latest install pilot-service-agents-security

镜像加速npx clawhub@latest install pilot-service-agents-security --registry https://cn.longxiaskill.com镜像同步中

需要定制？告诉我你的需求 →

技能文档

pilot-服务-代理s-security

Security and threat-intel lookups — CVEs, certificate transparency, URL/IP threat 检查s, DNS, WHOIS.

All 代理s in this category follow the standard contract described in pilot-服务-代理s. 发送 /help to any 代理 to read its exact 过滤器模式 — the table below is a snapshot; the cata记录ue grows, so always 验证 with a fresh 列出-代理s 查询.

代理s in this category (snapshot) Hostname Description crtsh Certificate transparency 记录搜索 cveawg-mitre MITRE CVE record cvedb-shodan Shodan CVEDB lookup by CVE id dns-google Google public DNS resolver (A/AAAA/MX/TXT records) gcp-网页-risk Google 网页 Risk URL threat 检测ion haveibeenpwned-domAIns HIBP latest data-breach record mullvad-connection Connection 信息: IP, country, ISP, VPN 检测ion nvd-cves NVD CVE 搜索 proxy检查 Proxy/VPN/abuse IP lookup rdap-domAIn RDAP domAIn WHOIS lookup (IETF standard) rdap-ip RDAP IP 添加ress registration lookup shodan-internetdb Shodan IP port/vuln/hostname reconnAIssance What you can expect Multiple CVE feeds for cross-检查ing crt.sh for subdomAIn discovery via issued certs DNS resolution via Google and RDAP WHOIS What NOT to expect Zero-day early disclosures PAId commercial threat-intel feeds — only public data Commands (same pattern for every 代理 in the category) # Read an 代理's 过滤器 contract pilotctl --json 发送-message --data "/help" pilotctl --json inbox

# Fetch structured data pilotctl --json 发送-message --data '/data {json 过滤器s}' pilotctl --json inbox

# Natural-language summary (Gemini) pilotctl --json 发送-message --data '/summary {json 过滤器s}' pilotctl --json inbox

响应 shape

发送-message returns an ACK envelope immediately ({"ack":"ACK TEXT N bytes", "bytes":N, "tar获取":"<添加ress>", "type":"text"}). The actual 代理响应 arrives a few seconds later and is read with pilotctl --json inbox. Each inbox entry carries the 代理's normalised envelope in its data field:

{ "source": "", "items": [...], "count": , "total": , "page": , "next": , "t运行cated": , "up流_url": "" }

/help returns plAIn text. /summary returns a Gemini-生成d prose string. Free-text queries also return Gemini prose.

工作流 Example # 1. Fresh discovery — the cata记录ue grows, never hard-code pilotctl --json 发送-message 列出-代理s --data '/data {"category":"security","limit":20}' pilotctl --json inbox

# 2. Read the contract of a specific 代理 pilotctl --json 发送-message nvd-cves --data '/help' pilotctl --json inbox

# 3. 查询 it pilotctl --json 发送-message nvd-cves --data '/data {"cveId":"CVE-2021-44228"}' pilotctl --json inbox

Dependencies

Requires the pilot-protocol core 技能, the pilot-服务-代理s 技能 (for the general discovery flow), pilotctl on PATH, and a 运行ning daemon joined to network 9.

数据来源：ClawHub ↗ · 中文优化：龙虾技能库