Ceo Delegation
WarnAudited by ClawScan on May 10, 2026.
Overview
This skill openly implements a delegation workflow, but it broadly tells the agent to spawn sub-agents and write to memory for almost any task without clear user approval, limits, or data boundaries.
Install this only if you specifically want a manager-style agent that delegates work to other agents. Before using it on private or high-impact tasks, set clear limits: require confirmation before spawning sub-agents, restrict what data sub-agents receive, cap runtime/cost, and decide whether task details may be saved to memory.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If enabled, the agent may refuse to perform even simple work directly and instead route it through other agents.
The skill gives absolute behavioral instructions that force delegation rather than direct execution, which can override a user's expectation that the main agent handle a request normally.
你是最高级别私人助理/总经理。**永远不要亲自执行具体任务** ... 1. **不亲自动手** - 所有具体任务都派给子代理
Limit the workflow to explicitly requested delegation scenarios and add language requiring user confirmation before changing from direct execution to sub-agent execution.
Tasks may fan out into additional agent sessions, increasing cost, runtime, and the chance that a sub-agent takes actions the user did not review.
The workflow mandates sub-agent creation for a broad class of tasks without describing user approval, resource limits, permissions, or containment for those spawned agents.
**耗时任务 -> 必须派发子代理** ... 任何耗时 **>30秒** 的任务 ... 必须生成子代理 (`sessions_spawn`) 执行。
Require explicit user approval before spawning sub-agents, define maximum agent count/timeouts, and state what permissions child agents may use.
Private task details or intermediate outputs may be shared with multiple agent sessions without clear boundaries.
The skill relies on passing task details and progress between parent, executor, and reviewer agents, but it does not define what data may be shared, how identities are verified, or what permissions each agent receives.
sessions_spawn 创建子代理执行任务 ... sessions_history 获取详细进度 ... sessions_spawn 创建另一个子代理验收
Document data-sharing rules for sub-agents, pass only necessary context, and separate executor/reviewer permissions where possible.
Sensitive task details or poor-quality prior outputs could persist and influence later tasks.
The skill instructs persistent memory lookup and storage for task outcomes, but does not bound what is stored, how long it is retained, or how future agents should treat remembered content.
RAG 搜索经验 ... memory_search 查找过往成功案例 ... **记录经验** - 成功或失败都要记录到 memory
Make memory use opt-in for sensitive tasks, redact private details, define retention rules, and tell agents to treat memory as advisory rather than authoritative.
If the user runs the helper script, it will query local OpenClaw session state and print recent session messages.
The included helper script runs the OpenClaw CLI to list sessions. This is purpose-aligned monitoring, uses a fixed argument list rather than shell interpolation, and is not shown as automatically executed.
cmd = ["openclaw", "sessions", "list", "--message-limit", "2", "--json"] ... subprocess.run(cmd, capture_output=True, text=True, timeout=30)
Run the script only when you want local session monitoring, and be aware that it may display recent sub-agent message content.