Workflow Orchestrator
Advisory
Audited by static analysis on May 12, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A step the user expected to be blocked by a condition could still run, including actions performed by connected agents.
A malformed or unsupported condition can evaluate as true, after which the runner invokes the registered agent executor for that step. In an orchestrator, this can bypass intended branching controls for downstream actions.
```python
if self._check_condition(step.condition, context):
    ready.append(step)
...
except Exception:
    pass
...
return True
...
output = executor(step.action, step.params, context)
```
Make condition evaluation fail closed, validate supported condition syntax before execution, and require explicit approval for high-impact steps such as publishing, deleting, or account-changing actions.
A long-running or stuck agent action may continue blocking the workflow even though the documentation says it will be killed after a timeout.
This is a safety assurance users may rely on, but the provided source defines `timeout_sec` without showing enforcement around `executor(step.action, step.params, context)` or `future.result()`, so the documented containment is not supported by the visible execution path.
- **Timeout handling**: Steps that exceed timeout are killed and handled per `on_failure`
Implement actual timeout and cancellation behavior, or remove the claim. For untrusted or high-impact agents, use external process isolation or a cancellable execution mechanism.
