Naruto Multi-Agent CN
ReviewAudited by ClawScan on May 10, 2026.
Overview
It does not show malware or credential theft, but it needs review because it routes all real work into persistent sub-agent sessions that can retain and mix task context.
Install only if you want this persistent multi-agent workflow. Do not use it for sensitive or secret-heavy work unless you can control what context is forwarded and clear or isolate the sub-agent sessions afterward.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
When active, the skill may stop the main agent from doing tasks directly and route them through sub-agents instead.
This explicitly changes the main agent’s role and forces a specific delegation tool pattern for real work.
你是纯调度员。你不能使用 exec、文件读写、搜索等任何执行工具。所有实际工作必须通过 `sessions_spawn` 委派给忍者。
Use this only when you intentionally want a multi-agent dispatcher; do not invoke it for tasks where you expect direct single-agent execution.
Sensitive context or prior instructions from one task could persist and influence later unrelated tasks handled by the same sub-agent.
The skill intentionally reuses fixed sessions so sub-agents remember prior work, but it does not describe reset, retention, or isolation controls.
`sessionKey` 的作用是让同一个忍者复用同一个 session,保持记忆连续!
Avoid using this with secrets or unrelated projects unless you can clear or isolate the spawned sessions; add explicit reset/retention guidance.
Private user details may be forwarded into one or more persistent sub-agent sessions and retained there beyond the immediate request.
The coordinator must copy needed conversation/task context into spawned agent messages, but the artifacts do not define data-minimization or sensitive-context boundaries.
task — 自包含的任务卷轴(忍者看不到你和委托人的对话,必须写清楚)
Forward only the minimum necessary context, ask before spawning on sensitive tasks, and avoid including passwords, tokens, private files, or unrelated conversation history.