OpenClaw Coding Agent Playbook
v0.1.0
Delegate coding tasks to Codex, Claude Code, or Pi agents via background process. Use when: (1) building/creating new features or apps, (2) reviewing PRs (sp...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
Name/description ask to delegate work to Codex/Claude/Pi/OpenCode and the SKILL.md explicitly requires those CLIs (anyBins). Requiring those binaries and describing PTY/workdir/background semantics is coherent for this purpose.
Instruction Scope
Instructions focus on spawning coding agents in a workdir, using PTY and background sessions and monitoring them. They explicitly recommend cloning PRs into temp dirs and avoiding specific workspace paths (good). However the playbook also advises using insecure runtime flags (e.g., Claude's --permission-mode bypassPermissions, Codex's --yolo, and 'elevated' host mode), which expand the agent's access and risk — these are relevant to the task but materially increase blast radius and should be used cautiously.
Install Mechanism
Instruction-only skill with no install spec and no code files — nothing is written to disk by the skill itself. Low install risk.
Credentials
No environment variables, credentials, or config paths are required by the skill bundle. The instructions do reference user tool configs (e.g., ~/.codex/config.toml) as contextual, which is reasonable; the skill does not demand unrelated secrets.
Persistence & Privilege
always:false and no install hooks. The skill relies on running external CLIs and background processes (the playbook describes using background sessions), which is expected. Note: allowing autonomous model invocation is default; combined with the playbook's recommended bypass/elevation flags this could be dangerous if the user enables those behaviors in their agent policy.
Scan Findings in Context
[no_regex_findings] expected: Scanner found nothing — expected because this is an instruction-only skill with no code files to analyze.
Assessment
This playbook appears to do what it says: it tells you how to spawn and manage external coding CLIs. That said, it explicitly recommends insecure options (e.g., --permission-mode bypassPermissions, --yolo/no-sandbox, and 'elevated' host execution) which remove protections and give spawned agents broader access to your files and system. Before using it: (1) avoid or audit any use of bypassPermissions/--yolo and never use elevated mode unless you fully understand the implications; (2) follow its guidance to run work in temporary/cloned directories and not in sensitive folders; (3) ensure the claude/codex/pi/opencode binaries you invoke are from trusted sources; (4) prefer sandboxed/default modes and grant broader permissions only in controlled, isolated environments (VM/container); and (5) inspect your local tool configs (e.g., ~/.codex/config.toml) — the skill references them and they can influence behavior. If you want a stricter review, provide the full SKILL.md (complete, untruncated) or any example commands you plan to run and I can point out specific risky lines.
Like a lobster shell, security has layers — review code before you run it.
Tags: agents, automation, claude, codex, coding, latest, openclaw, opencode
Runtime requirements
🧩 Clawdis
Any bin: claude, codex, opencode, pi
