Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
多代理编排引擎
v7.0.0多代理编排引擎 - 目标驱动的深度研究与项目协作系统。支持任务分解、分支执行、验证审核、返工迭代、智能决策。遵循第一性原理,实现主代理与分支代理的双向通信。触发词:多代理、multi-agent、代理编排、深度研究、目标分解、任务委派、工作流、agent orchestrate、multi agent
⭐ 0· 22·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
Name/description (multi-agent orchestration) match the included code and SKILL.md. The modules implement planning, spawn-param construction, aggregation, validation, archiving, and model adaptation which are all relevant to the stated purpose.
Instruction Scope
SKILL.md and code direct the agent to read and write under ~/.openclaw/workspace (profile, workflows, agents, shared/*), to inspect openclaw.json/model pools and to create execution boards and archives. This is expected for an orchestrator, but it means the skill will read local OpenClaw config and write persistent files; it explicitly instructs use of the agent 'write' and 'read' tools and forbids shell 'exec' for file creation.
Install Mechanism
No install spec is provided (instruction-only at registry level) and included code is plain Node.js sources. No external downloads, URL installers, or archive extraction are present in the metadata. Running the code requires Node environment but there is no deployment-time network fetch in the manifest.
Credentials
The skill requests no external credentials via requires.env, which aligns with the manifest. However SKILL.md and code read OpenClaw configuration (openclaw.json and model pool snapshots) to select models and adapt roles; those configuration files may contain provider metadata (potentially including the existence of configured providers). If your OpenClaw config stores secrets/keys in those files, the skill will access them for discovery purposes—this is coherent with its function but worth reviewing.
Persistence & Privilege
always is false (normal). The skill writes persistent state and outputs under ~/.openclaw/workspace (profiles, agents, shared, archive). That level of persistence is expected for a workflow engine, but it does create and copy user-visible files and archives (it will archive agents' workspace contents), so ensure the workspace does not contain sensitive files you don't want copied/archived.
Assessment
This skill appears to do what it says (multi-agent orchestration) and does not request external credentials in its metadata, but it will read OpenClaw configuration and create/read/write persistent files under ~/.openclaw/workspace (agents/, shared/, archive/, etc.). Before installing or running: 1) Inspect your ~/.openclaw/openclaw.json and any model/provider config for secrets; consider removing or securing secrets if present. 2) Run 多代理 check_env in a test environment to confirm OpenClaw version and runtime. 3) Use a disposable workspace or backup existing ~/.openclaw/workspace if you have sensitive data there. 4) Review templates that include tools like 'exec'—those are agent role capabilities in templates (not the skill executing shell itself), but if you grant an agent exec/tool access later, be deliberate. If you want higher assurance, request source review of the omitted files (remaining 9 files) and confirm the code never performs network I/O or reads paths outside the declared workspace directory.lib/modelSelector.js:146
Dynamic code execution detected.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.Like a lobster shell, security has layers — review code before you run it.
latestvk97bz8d4ptm5nqsbmn6h82mcfs84aq8a
License
MIT-0
Free to use, modify, and redistribute. No attribution required.