Create SubAgent

Pass. Audited by ClawScan on May 10, 2026.

Overview

This instruction-only skill appears aligned with creating and managing SubAgents, but users should notice that it can spawn tool-using or persistent subagents and the README references a script that is not included.

Install this only if you intentionally want your agent to create and manage SubAgents. Use narrow task descriptions, prefer one-off run mode unless you need persistence, monitor logs, kill SubAgents when finished, and do not run the README’s referenced PowerShell script unless you obtain and verify it separately.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A spawned SubAgent could read or write files or run Python code as part of the assigned task.

Why it was flagged

The data-analysis SubAgent template explicitly names execution and file tools. This is expected for a data-analysis/development helper, but it means spawned agents may perform impactful actions if those tools are available.

Skill content

Tools: exec (Python), read, write

Recommendation

Give SubAgents narrow tasks, specify allowed files or directories, and review before allowing code execution or file modification.

What this means

Information you send to the SubAgent may appear in SubAgent context or logs.

Why it was flagged

The skill creates separate SubAgent sessions and provides commands for sending messages and viewing logs. This is central to the skill, but it creates inter-agent communication paths where user data or task context may be shared.

Skill content

Call sessions_spawn ... /subagents send <id|#> "message content"

Recommendation

Avoid sending secrets or sensitive files unless needed, and review SubAgent logs and messages when handling private data.

What this means

A SubAgent session or its retained artifacts may outlive the initial request until it is archived or killed.

Why it was flagged

The skill supports persistent SubAgent sessions and keeps cleanup artifacts by default. It also discloses kill commands and automatic archiving, so this is not hidden behavior, but persistence should be understood.

Skill content

`session` - persistent session ... cleanup: "keep"

Recommendation

Prefer run mode for one-off work, use `/subagents kill` when finished, and choose cleanup settings that match your privacy needs.

What this means

If you find or download a similarly named script elsewhere, it was not part of the reviewed artifacts.

Why it was flagged

The README documents a PowerShell helper script, but the supplied manifest contains no such script and the package is described as instruction-only. This is a documentation/provenance gap, not evidence of malicious code.

Skill content

.\create-subagent.ps1 -preset dev

Recommendation

Do not run any external create-subagent script unless it is obtained from a trusted source and reviewed separately.