OpenClaw Cofounder Skill
Verdict: Pass. Audited by ClawScan on May 1, 2026.
Overview
This looks like a legitimate CoFounder.im connector, but it uses an API token and remote AI build plans to guide sub-agents, so users should review each approval carefully.
Before installing, be comfortable giving the skill a CoFounder.im API token and letting it fetch your startup build specs. Use a clean workspace, review each generated phase and command, and only approve sub-agents or external services that match what you expect to build.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Approved sub-agent tasks could modify files or run build commands in the user's workspace.
The skill can turn a fetched build plan into sub-agent tasks, which may lead to local commands or workspace changes; the same instruction requires approval before spawning.
Parse the `openclaw_builder` output to identify sub-agent tasks, then present them to the user for approval before spawning.
Approve only reviewed phases, run in a dedicated project directory or container, and avoid granting broad shell or cloud access unless needed.

Anyone with access to the configured token may be able to read the user's CoFounder.im project data through the API.
The skill requires a bearer token to access the user's CoFounder.im projects and build specifications.
Always authenticate with the bearer token from `COFOUNDER_API_TOKEN`.
Use a scoped token if available, store it securely, and revoke or rotate it if it is exposed.

A bad or overly broad build spec could influence sub-agent goals, commands, or generated code if not reviewed.
Remote AI-generated content is intentionally loaded into the agent context and used to shape later agent actions.
The build spec contains agent outputs keyed by type ... The `openclaw_builder` output is the most important — it contains a structured multi-agent build plan designed specifically for OpenClaw.
Treat fetched build specs as untrusted plans: review them for unsafe commands, unexpected integrations, or secret-handling instructions before approval.
