Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Task Router Skill
v1.0.0
Distributed task queue for OpenClaw multi-agent systems that routes tasks by capability, tracks lifecycle, coordinates async handoffs, rebalances load, and m...
by captmarbles @capt-marbles
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidence
Purpose & Capability
Name, description, and the CLI/config examples align: a task router using a local filesystem layout (~/.openclaw/task-router) to track queues, agents, and tasks. There are no unrelated environment variables, binaries, or install steps requested that would contradict the stated purpose.
Instruction Scope
SKILL.md is an instruction-only spec that describes task lifecycle, CLI usage, and the config/queue layout but omits how agents authenticate or how the router is invoked/hosted. It also mentions external notification channels (e.g., Discord) without documenting required endpoints or secrets. Because it gives no constraints on who can register an agent or how heartbeats are authenticated, the instructions allow ambiguous agent registration and potential impersonation/unauthorized task consumption.
Install Mechanism
There is no install spec and no code files — lowest-risk delivery model. The doc references a 'clawhub install task-router' step, which is an expected convenience instruction but not a downloaded install spec in the package. No archives or remote URLs are used by the skill itself.
Credentials
The skill requests no environment variables or credentials, which is proportionate for a local, config-file–based router. However, the docs hint at external notification channels (Discord, etc.) and multi-agent heartbeats without specifying tokens, network endpoints, or authorization — either those integrations are intentionally omitted (benign), or the skill expects external secrets to be configured later (not documented). This lack of explicit credential handling is a gap worth clarifying.
Persistence & Privilege
always is false and autonomous invocation is allowed (platform default). The skill stores state under ~/.openclaw/task-router, which is scoped to the user's home and consistent with its function. It does not request system-wide config changes or other skills' credentials.
What to consider before installing
This skill appears to implement a local task router and is internally consistent, but it leaves out important operational and security details. Before installing or using it in production, verify: (1) how agents authenticate and how registrations/heartbeats are authorized (prevent rogue agents from registering or stealing tasks); (2) the network transport used for agent communication and whether it uses TLS; (3) how notifications to external services (Discord, etc.) are configured and where secrets are stored; (4) who can run the 'task' CLI and whether file permissions on ~/.openclaw/task-router are restricted; (5) whether logs or task payloads may contain sensitive data and how they're protected. If the publisher cannot document agent auth, token handling, and runtime hosting, run the router in a sandboxed environment only and audit agent registrations and filesystem permissions.
Like a lobster shell, security has layers — review code before you run it.
latestvk972vyqmat9bskkx0av07zhmdn819c38
