Decomposes complex user requests into executable subtasks, identifies required capabilities, searches for existing skills at skills.sh, and creates new skills when no solution exists. This skill should be used when the user submits a complex multi-step request, wants to automate workflows, or needs help breaking down large tasks into manageable pieces.
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: task-decomposer
Version: 1.0.0
The skill 'task-decomposer' is designed to help the AI agent break down complex tasks, identify required capabilities, search for existing skills on skills.sh, and generate new skills. The `SKILL.md` provides detailed instructions for the agent on how to perform these steps, including using `npx skills find`, `npx skills add`, and `npx skills init` commands, which are legitimate tools within the OpenClaw ecosystem. There is no evidence of prompt injection attempting to subvert the agent's behavior, exfiltrate data, execute arbitrary malicious code, or establish persistence. All commands and URLs (e.g., `https://skills.sh`, `https://github.com/clawdbot-skills/task-decomposer`) are clearly stated and align with the skill's documented purpose.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user could end up with unreviewed skills installed globally, which may change how the agent behaves in later tasks.
The documentation shows installing discovered third-party skills globally with an affirmative/noninteractive flag, but does not specify version pinning, source review, permission review, or user approval before installation.
npx skills add <owner/repo@skill> -g -y
Require explicit user confirmation before installing any skill, avoid default use of -y and global installation, review source and permissions, and pin trusted versions where possible.
The agent may generate or prepare new automation capabilities that affect files, accounts, APIs, or future agent behavior without a clearly documented checkpoint.
Creating new skills is core to the stated purpose, but the artifacts do not define clear approval, review, testing, or containment steps before newly generated capabilities are used.
automatically create new skills when no existing solution is available
Separate planning from execution: present the proposed new skill, requested permissions, generated files, and test plan to the user before creating, installing, or using it.
Scheduled automations may continue running until disabled, potentially sending messages, accessing services, or processing data later.
The example workflow includes creating an active scheduled job, which is expected for automation planning but can persist after the initial request.
name: "Configure scheduled execution" ... output: "Active scheduled job"
Ask the user to confirm any schedule, document where it is installed, and provide a clear disable or uninstall command.
If follow-on skills are installed or created, they may need access to private accounts or messaging channels.
The skill may identify workflows that require credentials or tokens for services such as email and Slack. This is expected for integrations, but these are sensitive privileges.
input: "Email credentials/session" ... input: "Summary text, Slack webhook/token"
Use least-privilege tokens, confirm exactly which account access is needed, and avoid sharing credentials with newly generated or unreviewed skills.
