Skillv3.0.0

ClawScan security

Orchestrix Guide · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 30, 2026, 2:24 PM

Verdict: benign
Confidence: medium
Model: gpt-5-mini
Summary: This is an instruction-only multi-agent/tmux workflow guide that is internally consistent with its stated purpose, but it includes automated acceptance behaviors (trust/approval) and relies on project scripts you should inspect before use.
Guidance: This is a coherent tmux-based orchestration manual rather than code. Before installing or using it: 1) Understand it will instruct the agent to send keystrokes into tmux and to auto-accept 'trust' and approval prompts — that can acknowledge prompts that you might otherwise want to inspect. 2) Verify the referenced scripts (e.g., .orchestrix-core/scripts/start-orchestrix.sh, monitor-agent.sh) are present in your project and review their contents for dangerous commands. 3) If you plan to run this on a machine with sensitive data, test in an isolated environment or sandbox first. 4) Consider disabling autonomous invocation or manually supervising runs if you are uncomfortable with automatic acceptance behaviors.

Review Dimensions

Purpose & Capability: okName/description claim a tmux-based multi-agent orchestration guide and the SKILL.md provides detailed tmux send-keys protocols, completion-detection, and handoff procedures — these requirements match the stated purpose and there are no unrelated env vars, binaries, or install steps.
Instruction Scope: noteInstructions stay within the orchestration domain (sending tmux keystrokes, capturing panes, checking files, running monitor/start scripts). However the guide explicitly instructs automatically accepting 'trust this folder' prompts and auto-responding to approval prompts (sending 'y'), which grants the controller broad authority to acknowledge prompts on behalf of the interactive agent; review these behaviors before use.
Install Mechanism: okNo install spec or external downloads — skill is instruction-only, so nothing is written to disk by the skill itself. Lower installation risk, but referenced scripts (e.g., .orchestrix-core/scripts/monitor-agent.sh, start-orchestrix.sh) are expected to exist in the project and must be inspected manually.
Credentials: okThe skill declares no required environment variables, credentials, or config paths. The operations described read terminal panes and local project files (expected for a tmux orchestration guide) and do not request unrelated secrets.
Persistence & Privilege: okalways is false and the skill is user-invocable; it does not request permanent/autonomous presence beyond normal agent invocation. That said, its recommended automated acceptance behavior increases the potential for side effects when the skill is run.