What Is Agentpmt
AdvisoryAudited by Static analysis on May 13, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the user follows the setup path, an agent may be able to run workflows or tools that affect connected apps and data.
The skill describes broad workflow and tool-execution capability through AgentPMT. This is aligned with the platform overview purpose, but users should understand that downstream tools may perform meaningful actions across connected services.
Agents can run complex multi-step workflows that chain tools, approvals, data movement, and specialized tasks.
Review and limit the tools and workflows available in the AgentPMT Agent Group before using it for real tasks.
A bearer token or stored AgentPMT credentials could allow actions on connected services within the permissions of the Agent Group.
The skill explicitly discusses delegated credentials and bearer-token access for AgentPMT. This is expected for the described integration path, and the artifact does not show credential leakage or hidden use.
Add the tools, workflows, agents, skills, and credentials the caller may use. Copy the Agent Group Bearer Token. Connect the main MCP server or call REST with `Authorization: Bearer <agentpmt_bearer_token>`.
Use least-privilege Agent Groups, keep bearer tokens secret, rotate tokens if exposed, and avoid adding unnecessary connected accounts or credentials.
Tasks may be routed to other agents or external AgentPMT services, which can affect where prompts, files, or task details are processed.
The skill describes agent-to-agent work and MCP-based access. This is central to AgentPMT’s stated purpose, but users should be aware that data and task context may be shared with other agents or services depending on configuration.
Agents can access other agents and hire them for specialized work.
Before enabling agent-to-agent workflows, confirm what data may be shared, which agents can be called, and what approvals are required.
The safety of the full setup depends partly on additional skills or documentation not included in this review.
The skill refers users to other AgentPMT setup skills that are not included in this artifact set. This is not suspicious by itself, but those downstream skills should be reviewed separately before use.
Use the setup skill: ../agentpmt-account-mcp-rest-api-setup
Review any referenced setup or product-specific AgentPMT skills before granting credentials, wallet access, or tool permissions.