Search Analyst Pair

Security checks across static analysis, malware telemetry, and agentic risk

Overview

This is a coherent, user-triggered multi-agent research workflow, with review notes for its OpenClaw token, agent-to-agent sharing, and docs-only provenance.

Before installing, confirm you trust the configured `main`, `search`, and `analyst` agents and any underlying providers with the data you will send through `/hunt`. Use a scoped OpenClaw token, keep agent-to-agent allowlists narrow, and verify any runtime workflow assets referenced outside the registry package.

Static analysis

No static analysis findings were reported for this release.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Using the skill requires a sensitive OpenClaw token to be available to the runtime.

Why it was flagged

The skill expects an OpenClaw gateway credential. That is purpose-aligned for orchestrating OpenClaw agents, but the token may authorize access to the user's gateway if over-scoped or mishandled.

Skill content

requires:
  env:
    - OPENCLAW_BASE_URL
    - OPENCLAW_TOKEN
...
primaryEnv: OPENCLAW_TOKEN

Recommendation

Use the least-privileged OpenClaw token that supports this workflow, keep it out of prompts and logs, and rotate it if exposed.

What this means

Research prompts, source findings, and analysis outputs may be shared among the configured agents/providers.

Why it was flagged

The workflow intentionally routes the user's research request and intermediate results among multiple named agents/providers using agent-to-agent permissions.

Skill content

Search (DeepSeek) ... Analyst (Gemini) ... Main (Kimi) ... tools.agentToAgent.enabled=true ... subagents.allowAgents configured

Recommendation

Use it only with agents/providers trusted for the data in the request, and keep the allowlist limited to the intended `main`, `search`, and `analyst` agents.

What this means

The registry package does not itself show the runtime workflow implementation users may deploy.

Why it was flagged

The submitted package is documentation-only and references runtime workflow assets outside the artifact set. This creates a provenance gap for the actual runner, although the artifacts do not instruct automatic execution of unreviewed code.

Skill content

Runtime workflow assets are maintained here:

- `/Users/lihaochen/openclaw/workspace/workflows/search_analyst_pair/`

This submission package contains the registry-facing docs

Recommendation

Verify any external or local workflow assets before use, and prefer a packaged, versioned implementation whose code matches the published documentation.