Multi-Agent Dev Team

Pass. Audited by ClawScan on May 1, 2026.

Overview

This instruction-only skill is coherent and disclosed, but it gives the agents normal software-development powers such as running commands, writing files, coordinating another agent, storing project notes, and optionally pushing to GitHub.

This skill appears purpose-aligned and not deceptive. Before installing, configure a dedicated workspace, review generated code before deploying, avoid including secrets in prompts, use least-privileged GitHub credentials if pushing code, and periodically check or clear saved project memory.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agents may create or change project files, install packages, run builds/tests, start development servers, and make Git commits.

Why it was flagged

The Dev agent is explicitly expected to modify files, run local commands, and manage processes. This is central to software development, but it can affect the user's local environment.

Skill content

- `Read/Write`: File operations
- `exec`: Run commands (npm install, git, etc.)
- `process`: Manage long-running processes

Recommendation

Use a dedicated project directory, review generated code and commands before deployment, and avoid running the skill in sensitive repositories unless you intend the agents to modify them.

What this means

New projects may include third-party dependencies that can introduce vulnerabilities or unexpected behavior.

Why it was flagged

The documented workflow may use npm scaffolding and package installation, including a latest-version package. This is normal for web development but depends on external package provenance.

Skill content

npx create-next-app@latest project-name
npm install <packages>

Recommendation

Review package.json changes, use lockfiles, run dependency audits, and prefer trusted or pinned packages for important projects.

What this means

If credentials are available, the agent could push generated code to GitHub repositories under the user's authority.

Why it was flagged

The Dev agent may use user-provided GitHub credentials to mutate a remote account or repository. The behavior is disclosed and tied to the development purpose.

Skill content

- Push code to GitHub when credentials provided

Recommendation

Use least-privileged GitHub tokens, confirm the target repository before pushing, and avoid providing broad account credentials unless needed.

What this means

Project requirements, decisions, or other context may be saved and reused in later tasks.

Why it was flagged

The PM agent is instructed to persist project plans and reusable patterns for future work. This is useful for project management but may retain private project context.

Skill content

- Store project plans in `memory/YYYY-MM-DD.md`
- Keep reusable templates in workspace
- Document successful patterns for future projects
- Track agent performance and iteration counts

Recommendation

Do not include secrets or sensitive business details in project specs unless necessary, and periodically review or clear the skill's memory files.

What this means

Information given to the PM agent may be sent to the Dev agent and appear in session history.

Why it was flagged

The skill's core design passes task specifications and progress information between a PM agent and a Dev agent. This is disclosed and purpose-aligned, but it expands where project context is shared.

Skill content

- `sessions_spawn`: Start Dev agent with task
- `sessions_history`: Monitor Dev agent progress
- `sessions_list`: Check active sessions

Recommendation

Treat both agents as part of the same project workspace, avoid putting credentials in task descriptions, and review session history if sensitive context was shared.