Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Agent Task Manager
v1.0.0
Manages and orchestrates multi-step, stateful agent workflows; handles task dependencies, persistent state, error recovery, and external rate-limiting. Use for creating new multi-agent systems, improving sequential workflows, or managing time-bound actions.
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidence
Purpose & Capability
Name/description align with the provided files: orchestrator, task state manager, parser, and a cooldown wrapper implement the described multi-step workflows, state persistence, and rate-limit handling. The example workflows and role templates are consistent with the code (roles are simulated/placeholders).
Instruction Scope
SKILL.md and the scripts remain within the orchestration domain, but cooldown.sh executes an arbitrary COMMAND with eval("$COMMAND") — this permits arbitrary shell execution if untrusted input reaches it. The orchestrator currently uses simulated role functions (no network calls), but the code writes/reads local state files (task_state.json, agent_task_manager_data/*).
Install Mechanism
No install spec — instruction-only with bundled scripts. Nothing is downloaded or installed automatically, so no install-time network code to review.
Credentials
The skill declares no required credentials or env vars, and code does not access external tokens. However example workflows reference external channels (Signal, Moltbook) and the orchestrator contains placeholders for sending messages; integrating real notification or API calls will require adding credentials later. Currently there is no unexplained credential access.
Persistence & Privilege
The skill persists state locally (task_state.json) and creates a timestamp directory agent_task_manager_data/ for cooldowns. It does not request always:true, does not modify other skills, nor attempt system-wide config changes.
Assessment
This skill appears to do what it says: local orchestration, state persistence, and cooldown management. Before installing or running it, consider:
1) The cooldown script uses eval to run commands — if you feed untrusted strings into the wrapper or tasks, an attacker could run arbitrary shell commands. Replace eval with safer execution (array-style exec) or strictly validate/whitelist commands.
2) The skill writes task_state.json and agent_task_manager_data/ in the current working directory — run it in a sandboxed directory and review or back up those files.
3) Notification and external integrations are placeholders; if you wire in Signal/Moltbook/other APIs you will need to supply credentials — ensure you store tokens securely and only grant least privilege.
4) Audit any tasks created from user input to ensure they cannot inject shell commands or arbitrary actions.
If you plan to run in production or give the skill network access, review and harden the code (remove eval, validate inputs, and implement explicit API clients) and consider running it in an isolated environment first.
Like a lobster shell, security has layers — review code before you run it.
