Create Project

Verdict: Warn. Audited by ClawScan on May 10, 2026.

Overview

The skill creates the requested Orchestrix project, but it also installs automation that can accept safety and approval prompts and run multi-agent hooks without fresh user confirmation.

Use this only if you intentionally want Orchestrix tmux multi-agent automation. Before running it, review or disable the auto-approval and auto-trust logic, understand the installed Claude Stop hook, and keep the Orchestrix license key out of version control.

Findings (7)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Actions that normally require confirmation could be approved automatically inside the tmux agent session.

Why it was flagged

The monitor helper explicitly sends a yes response into a Claude Code pane when it detects what it labels as an approval prompt.

Skill content

# Priority 3: Handle approval prompt — auto-approve ... tmux send-keys -t "$SESSION:$WINDOW" "y" Enter

Recommendation

Remove automatic approval, or make it an explicit opt-in with a narrow allowlist and visible confirmation for each high-impact action.

What this means

A directory trust or safety decision may be accepted without the user reviewing the prompt.

Why it was flagged

The script is designed to detect Claude Code trust or safety prompts and press Enter automatically instead of leaving that decision to the user.

Skill content

auto-accepting trust dialog if it appears ... grep -qi "trust this folder\|safety check" ... tmux send-keys -t "$SESSION:0" Enter

Recommendation

Do not auto-accept trust or safety prompts; require the user to approve those prompts directly.

What this means

The project will contain persistent automation that can run after agent stops, not just during the initial scaffolding task.

Why it was flagged

The generated Claude settings install a Stop hook with an empty matcher, so the handoff detector can run on future Stop events in the project.

Skill content

"matcher": "", ... "command": "bash -c 'cd \"$(git rev-parse --show-toplevel)\" && .claude/hooks/handoff-detector.sh'"

Recommendation

Make hook installation optional, document when it runs, and provide a simple way to disable or remove it.

What this means

A mistaken or spoofed handoff-looking message in an agent pane could propagate work to another agent without a clear containment step.

Why it was flagged

The handoff system is designed to scan tmux pane text and route work to other agents based on detected HANDOFF-style messages.

Skill content

# Triggers on Claude Code Stop event, detects HANDOFF and routes to target agent ... # Scans ALL tmux windows to find HANDOFF message

Recommendation

Require structured, authenticated handoff records or user confirmation before routing commands between agents.

What this means

The license key may be stored in the project directory and could be exposed if the file is committed or shared.

Why it was flagged

The skill asks for an Orchestrix license key and writes it into the generated MCP configuration file.

Skill content

Orchestrix License Key ... Replace `{{ORCHESTRIX_LICENSE_KEY}}` with the License Key provided by the user ... write it to `$PROJECT_DIR/.mcp.json`

Recommendation

Keep `.mcp.json` out of version control or use an environment variable/secret manager for the license key.

What this means

Agent behavior can be shaped by content served by the Orchestrix MCP server, so users need to trust that server and its agent definitions.

Why it was flagged

The installed slash command loads agent configuration from the Orchestrix MCP server and tells the agent to follow the fetched activation instructions.

Skill content

ReadMcpResourceTool(server="orchestrix", uri="orchestrix://agents/{agent_id}.yaml") ... Adopt the persona defined ... Follow `activation_instructions` exactly

Recommendation

Use only trusted MCP servers and review agent definitions or activation instructions before relying on them for sensitive work.

What this means

The skill may fail or require additional local tooling that was not declared in the registry metadata.

Why it was flagged

The runtime script requires `tmux` and the `cc` Claude Code command, while the registry requirements list only `git` and `bash`.

Skill content

if ! command -v tmux &> /dev/null ... if ! command -v cc &> /dev/null

Recommendation

Declare all required runtime binaries and document the expected Claude Code CLI setup.