Skillv1.0.0

ClawScan security

Agency Agents 1.0.2 · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 15, 2026, 11:39 AM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's files and runtime instructions are consistent with its stated purpose (a multi‑agent 'agency' and an orchestrator); it requests no secrets, has no install step, and contains only markdown guidance and persona definitions.
Guidance: This skill appears internally coherent and matches its described purpose, but review these practical points before installing: - Inspect repository URLs and support contact (the package.json points to a GitHub repo and support@your-company.com) to confirm the source is trustworthy. If you don't recognize the author, prefer sandboxed testing. - The orchestrator will read user-provided project specs and write outputs to your home workspace (SKILL.md and QUICKSTART reference ~/clawd/agency-agents). If you care about where files go, verify or override the output path in a safe location. - Do not provide any sensitive credentials or secret files to the skill. Although it asks for no secrets, the orchestrator may request evidence (screenshots/logs) during QA — only supply non-sensitive examples during initial testing. - Because the skill can autonomously run multi‑agent pipelines, test it first with a non‑sensitive, small project in a sandbox or disposable environment to observe behavior and outputs. - Confirm pricing/monetization and any claims about private deployment if you plan to use in production. If you want a deeper review, provide the upstream GitHub repo URL or any runtime logs so we can check for hidden code paths or external network calls.

Review Dimensions

Purpose & Capability: okThe name/description (61 agents + orchestrator) aligns with the provided files (many agent persona markdowns and an orchestrator SKILL.md). No unexpected binaries, cloud credentials, or unrelated config paths are required by the package metadata or runtime instructions.
Instruction Scope: noteRuntime instructions describe selecting agents, running multi‑agent orchestration, enforcing QA loops, and reading user-provided project specs; they instruct writing outputs to user workspace (e.g., ~/clawd/agency-agents). The instructions do not ask for unrelated system secrets or external endpoints beyond documentation/support links. Because the orchestrator can run an autonomous pipeline and persist outputs, it has broader filesystem/automation scope than single-agent help text — this is expected for an orchestration skill but worth noting.
Install Mechanism: okNo install specification and no code files to execute were provided (instruction-only, markdown files). This minimizes risk from remote installers or extracted archives.
Credentials: okThe skill declares no required environment variables or credentials. SKILL.md mentions optional config env vars (AGENCY_AGENTS_*) but these are non-sensitive controls (defaults, verbosity, QA level) and are not required for operation.
Persistence & Privilege: notealways:false and disable-model-invocation:false (normal). The orchestrator is designed to autonomously run multi‑step pipelines when invoked and to save outputs to the user's workspace; while autonomy itself is expected, it increases the potential blast radius if combined with wide permissions — here there are no requested credentials, but you should be aware the orchestrator will create/modify files in the workspace and run multi‑agent flows without additional installs.