Agent Pipeline

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent development workflow, but it shares the main agent’s auth profile with every sub-agent and performs persistent repo/project updates, so it needs review before use.

Use this only in a trusted development environment where the board endpoint, planner, repository, and branches are intended targets. Before using it, replace wholesale auth-profile copying with least-privilege per-agent credentials and require confirmation before pushing code or updating project systems.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI03: Identity and Privilege Abuse
High
What this means

Sub-agents could inherit broad account or workspace access from the main agent, increasing the impact of mistakes or unintended actions.

Why it was flagged

This directs the main agent’s authentication/profile store to be copied to every spawned role, without limiting which credentials are included, where they are copied, how long they persist, or what each sub-agent may do with them.

Skill content

- Auth: all agents need `auth-profiles.json` copied from main agent

Recommendation

Do not copy the main auth profile wholesale. Use separate least-privilege, per-role credentials or ephemeral tokens, declare the credential/config requirement, and require explicit user approval for credential sharing.

ASI07: Insecure Inter-Agent Communication
Medium
What this means

Sensitive project context or credentials could be shared more broadly across agents than the user expects.

Why it was flagged

The skill coordinates multiple sub-agents and gives them shared authentication, but it does not define isolation, context-sharing limits, identity verification, or per-role data boundaries.

Skill content

Standard development workflow for code tasks using spawned sub-agents ... Agents use `agentId` matching their role ... Auth: all agents need `auth-profiles.json` copied from main agent

Recommendation

Define what each sub-agent may receive and return, avoid shared credentials, isolate per-role workspaces where possible, and log/approve any transfer of sensitive context.

ASI02: Tool Misuse and Exploitation
Medium
What this means

If invoked in the wrong repository or project, the agent could push unwanted changes or post task details to the wrong board/planner target.

Why it was flagged

The skill instructs the agent to make persistent git, planner, and board API changes. These actions are disclosed and aligned with the development workflow, but they are impactful and should be user-confirmed.

Skill content

Commit with descriptive message; Push to feature branch; Update Planner task with dev notes ... Create item: POST `http://10.0.0.40:3000/api/board/projects/{project}/items`

Recommendation

Confirm the repository, branch, planner task, and board endpoint before writes; make the board URL configurable; and require explicit approval before git push or project-management updates.