@openclaw/orchestration
PassAudited by ClawScan on May 10, 2026.
Overview
This appears to be a legitimate local multi-agent task queue, but it stores shared task state and depends on trusted local/npm code.
This skill is reasonable to install if you want a local cooperative task queue. Before using it, review the npm and interchange dependencies, use it only with trusted local agents, avoid putting secrets in task text or summaries, and confirm backup/restore actions carefully.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill may fail or run different helper code depending on what local interchange implementation is present.
The refresh path imports code from a sibling interchange source outside this package's manifest. The README discloses interchange integration, so this is purpose-aligned, but the reviewed artifact set does not include that external code.
import { writeMd, serializeTable } from '../../interchange/src/index.js';Install it only in a trusted OpenClaw workspace, and ensure the referenced interchange package/source is pinned, present, and reviewed.
Sensitive text or prompt-like instructions placed in tasks can persist and be reused by other agents through the shared interchange files.
Task descriptions and result summaries are written into persistent Markdown files that other skills or agents may read.
content += `## Description\n${task.description || 'No description provided.'}\n\n`; ... if (result.summary) content += `**Summary:** ${result.summary}\n`;Do not put secrets in task descriptions or summaries, and have consuming agents treat task Markdown as task data from a known source, not as higher-priority system instructions.
Any local agent or process with access to the CLI/database could claim, fail, complete, or retry tasks under a chosen agent name.
Agent identity for claiming tasks is based on the caller-supplied agent name in a shared local queue; the artifacts do not show authentication or per-agent authorization checks.
UPDATE tasks SET status = 'claimed', assigned_agent = ?, claimed_at = datetime('now') WHERE id = ? AND status = 'pending'Use this queue only among trusted local agents, and do not treat the agent name as a security boundary unless additional authentication/authorization is added.
Restoring the wrong file can replace or corrupt the task queue and agent state.
The restore function overwrites the local orchestration database from a user-supplied backup file. This is a disclosed backup/restore feature, but it is a high-impact local state mutation.
fs.copyFileSync(backupPath, dest);
Require explicit user confirmation before restore operations and keep backups of the current database before replacing it.