Agent Designer

Pass. Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: agent-designer
Version: 2.1.1

The Agent Designer bundle is a legitimate toolkit for architecting and evaluating multi-agent AI systems. The included Python scripts (agent_planner.py, agent_evaluator.py, and tool_schema_generator.py) are well-documented data processors that handle JSON-based requirements and logs without utilizing any high-risk functions such as remote code execution, network requests, or unauthorized file system access. The SKILL.md and reference documentation provide architectural guidance and lack any evidence of malicious prompt injection or instructions designed to subvert the AI agent's behavior.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Users may need to make their own trust decision about the included local scripts and ensure Python is available before using the documented helpers.

Why it was flagged

The registry metadata provides limited provenance and does not declare Python as a requirement even though the README documents Python helper scripts. This is a transparency/provenance note rather than suspicious behavior.

Skill content

Source: unknown; Homepage: none; Required binaries: none; No install spec — this is an instruction-only skill.

Recommendation

Review the included scripts before running them and run them from a controlled working directory with intended input files.

What this means

Running the helpers executes local code and writes files using the chosen output prefix.

Why it was flagged

The documented workflow asks the user to run local Python scripts that create output files. This is central to the skill’s stated purpose and is user-directed, not automatic.

Skill content

python agent_planner.py assets/sample_system_requirements.json -o my_architecture ... This generates: my_architecture.json ... my_architecture_diagram.mmd ... my_architecture_roadmap.json

Recommendation

Run the commands only when intended, review outputs before using them operationally, and avoid feeding sensitive logs or requirements unless appropriate.

What this means

If a user implements generated designs literally, agents could be given high-impact abilities such as code execution, file operations, or external API calls.

Why it was flagged

The planner can include broad tool archetypes in generated architecture designs. The artifacts show these as design descriptors rather than direct runtime tool access, but implementations of such tools would need strong scoping and approval controls.

Skill content

"code_executor": Tool(... description="Execute code in various languages" ...), "file_manager": Tool(... description="Manage files and directories" ...), "api_client": Tool(... description="Make API calls to external services" ...)

Recommendation

Treat generated tool recommendations as drafts; add least-privilege scopes, human approval for high-impact actions, input validation, logging, and rollback plans before implementation.

What this means

Poorly scoped agent-to-agent communication in a system built from these designs could spread bad inputs or expose shared data between agents.

Why it was flagged

The skill teaches and may generate designs involving message queues and shared state between agents. This is purpose-aligned architecture guidance, but such designs require clear identity, origin, permission, and data-boundary rules when implemented.

Skill content

Communication Patterns ... Message Passing ... Asynchronous Messaging ... Message queues ... Shared State ... State Stores

Recommendation

When implementing generated architectures, define message schemas, authentication, authorization, provenance tracking, and data-retention rules for all shared state and inter-agent channels.