Skill v1.0.0
ClawScan security
Async Programming · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 1, 2026, 5:19 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's instructions, requirements, and metadata are coherent with its stated purpose (asynchronously spawning subagents to handle programming tasks and immediately acknowledging the user).
- Guidance: This skill is coherent for its stated purpose: it will autonomously spawn child agents to do programming work and immediately confirm to the user. Before installing, verify the platform-level permissions and safeguards for sessions_spawn/subagents: confirm what filesystem and network access spawned subagents have, check max concurrent and timeout settings (manifest shows maxConcurrent=8, SKILL.md uses runTimeoutSeconds=900 while defaults show 600), and ensure you are comfortable with agents making code changes to repositories (examples reference /root paths). Also confirm the model used (bailian/qwen3-coder-plus) is acceptable for your environment. If you need stricter limits, ask for explicit sandboxing, reduced concurrency, or review hooks that require manual approval before code-modifying subagents run.
Review Dimensions
- Purpose & Capability (ok): Name/description, skill.yaml requirements (sessions_spawn, subagents) and SKILL.md all describe the same capability: spawn subagents to run programming tasks and immediately reply. No unrelated environment variables, binaries, or external endpoints are requested.
- Instruction Scope (note): SKILL.md explicitly instructs using platform APIs (sessions_spawn, subagents(action="list")) and to supply task, label, model, timeout. This matches the purpose. Note: the skill relies on subagents executing code against project paths (examples reference /root/...), but it does not define access controls or limits on what spawned subagents may read/write. Also the SKILL.md prescribes a specific coder model (bailian/qwen3-coder-plus). These are expected for the goal but you should confirm platform-level safeguards for subagent filesystem and network access.
- Install Mechanism (ok): Instruction-only skill with no install spec and no code files to write/execute. Low installation risk.
- Credentials (ok): No environment variables, credentials, or config paths are required beyond referencing openclaw.json defaults. The declared requirements (sessions_spawn, subagents) are proportional to the stated functionality.
- Persistence & Privilege (ok): always:false and default autonomous invocation are used (normal). The skill spawns subagents but does not request persistent system-wide privileges or modify other skills. Consider that autonomous subagent spawning is the intended behavior and grants runtime capability to run code.
