OrgX

Advisory

Audited by VirusTotal on Mar 28, 2026.

Overview

Type: OpenClaw Skill
Name: orgx
Version: 3.1.0

The skill bundle encourages the systematic exfiltration of local agent context, specifically the contents of MEMORY.md and session logs, to an external service (mcp.useorgx.com) via the `orgx_sync` tool. While this behavior is consistent with the stated purpose of "multi-agent orchestration," the instructions in SKILL.md steer the agent to report all progress, artifacts, and internal state to a third-party endpoint by default. Additionally, the setup process suggests executing remote code via `npx @useorgx/openclaw-plugin`, which is a supply chain risk: npx resolves the package at run time and executes its published entry point, so whatever is published under that name at that moment runs with the user's privileges.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing the skill alone adds only instructions; using its full functionality depends on trusting the external OrgX plugin package.

Why it was flagged

The skill tells users to install or run an external plugin package, but the provided artifact set contains only SKILL.md and no plugin code for review.

Skill content

openclaw plugins install @useorgx/openclaw-plugin

# Or via npx
npx @useorgx/openclaw-plugin

Recommendation

Install the plugin only from a trusted source; pin and verify the package identity and version (an exact version and its published integrity hash, rather than a bare `npx` of whatever is currently published under the name); and review the plugin's permissions and any install-time scripts before use.
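One way to carry out that recommendation offline, as an added example that is not part of the ClawScan advisory or of the OrgX project: fetch the tarball once (for instance with `npm pack @useorgx/openclaw-plugin@<version>`), record the integrity string npm publishes for it (`npm view <pkg>@<version> dist.integrity`), and then vet the file before any install command touches it. The code below assumes the tarball bytes and the pinned integrity string are supplied by the operator; `make_tarball` only constructs stand-in test data so the example runs without network access.

```python
"""Pre-install vetting of an npm plugin tarball (added example; not part of the
ClawScan advisory or of OrgX). Inputs are the tarball bytes and the integrity
string recorded when the version was pinned; both are operator-supplied."""
import base64
import hashlib
import hmac
import io
import json
import tarfile

# npm lifecycle hooks that execute arbitrary commands during installation.
LIFECYCLE_SCRIPTS = ("preinstall", "install", "postinstall",
                     "prepare", "preuninstall", "postuninstall")


def npm_integrity(data: bytes) -> str:
    """SRI string in the form npm publishes ("sha512-<base64>")."""
    return "sha512-" + base64.b64encode(hashlib.sha512(data).digest()).decode()


def integrity_matches(data: bytes, expected: str) -> bool:
    """Compare the computed SRI string with the pinned one in constant time."""
    return hmac.compare_digest(npm_integrity(data), expected)


def inspect_tarball(data: bytes) -> dict:
    """Read package/package.json and report what an install would execute."""
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tar:
        member = tar.getmember("package/package.json")
        pkg = json.load(tar.extractfile(member))
    scripts = pkg.get("scripts") or {}
    return {
        "name": pkg.get("name"),
        "version": pkg.get("version"),
        "lifecycle_scripts": {k: v for k, v in scripts.items() if k in LIFECYCLE_SCRIPTS},
        "bin": pkg.get("bin"),  # commands that `npx` would run
    }


def vet_plugin(data: bytes, name: str, version: str, integrity: str) -> list:
    """Return reasons to refuse installation; an empty list means it passed."""
    if not integrity_matches(data, integrity):
        # Do not even parse a tarball whose hash is wrong.
        return ["integrity mismatch: tarball differs from the pinned hash"]
    info = inspect_tarball(data)
    problems = []
    if info["name"] != name:
        problems.append(f"package name {info['name']!r} != {name!r}")
    if info["version"] != version:
        problems.append(f"version {info['version']!r} != {version!r}")
    for hook, cmd in info["lifecycle_scripts"].items():
        problems.append(f"lifecycle script {hook!r} would run on install: {cmd!r}")
    return problems


def make_tarball(package_json: dict) -> bytes:
    """Build a minimal npm-style tarball in memory (constructed test data)."""
    payload = json.dumps(package_json).encode()
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        info = tarfile.TarInfo("package/package.json")
        info.size = len(payload)
        tar.addfile(info, io.BytesIO(payload))
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed stand-in for a published tarball; real use reads the .tgz from disk.
    # The version string is an assumption, not the plugin's actual version.
    tgz = make_tarball({"name": "@useorgx/openclaw-plugin", "version": "0.0.0-example",
                        "bin": {"openclaw-plugin": "cli.js"},
                        "scripts": {"postinstall": "node scripts/setup.js"}})
    pinned = npm_integrity(tgz)  # in practice, the value recorded at pin time
    for problem in vet_plugin(tgz, "@useorgx/openclaw-plugin", "0.0.0-example", pinned):
        print("REFUSE:", problem)
```

The hash check comes first and short-circuits: a tarball that does not match the pinned integrity is never parsed. A lifecycle script is reported as a refusal reason rather than silently tolerated, because it is exactly the place where `npx` or `npm install` would execute code from the package before anyone has read it.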

What this means

The integration may act within the OrgX account or workspace associated with the API key or pairing session.

Why it was flagged

The skill may authenticate to OrgX using an API key or local pairing flow. This is expected for the integration, but it is not declared as a required credential in metadata.

Skill content

pair with OrgX via the live dashboard at `http://127.0.0.1:18789/orgx/live` or set `ORGX_API_KEY` in your environment

Recommendation

Use a scoped OrgX credential where possible, avoid sharing API keys beyond the intended local environment, and keep the key value out of files the skill syncs, such as MEMORY.md and the daily logs.

What this means

Private details in MEMORY.md or daily logs could be sent to OrgX, and returned org context may influence later agent behavior.

Why it was flagged

The skill explicitly syncs local memory or daily logs to OrgX and consumes returned OrgX context, creating a persistent context-sharing path.

Skill content

`orgx_sync` — Push local memory/daily log to OrgX, receive org context back.

Recommendation

Review memory/log content before syncing, and do not include secrets, personal data, or confidential information unless OrgX is trusted for that data.
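A pre-sync filter is one way to act on this recommendation and on the earlier one about keeping `ORGX_API_KEY` out of the local environment's leakage paths. The following is an added example, not code from the advisory or from OrgX: it scans the text an agent would hand to `orgx_sync` for secret-looking material and either reports it or redacts it in place. The patterns (an API-key or token assignment, a bearer token, a PEM private-key block, an e-mail address) and the sample MEMORY.md are assumptions constructed for illustration.

```python
"""Pre-sync filter for local agent memory (added example; not part of the
advisory or of OrgX). Run it over MEMORY.md or the daily log before handing
the text to orgx_sync. The patterns are assumptions about what typically
leaks from such files; extend them for your environment."""
import re

# Ordered: the multi-line key block is handled first so the line-oriented
# patterns never see its fragments. Value classes exclude '[' so already
# inserted [REDACTED:...] markers are not matched again on a second pass.
PATTERNS = [
    ("private_key", re.compile(
        r"-----BEGIN [A-Z ]*PRIVATE KEY-----.*?-----END [A-Z ]*PRIVATE KEY-----", re.S)),
    ("assignment", re.compile(
        r"(?i)\b([A-Z0-9_]*(?:KEY|TOKEN|SECRET|PASSWORD)[A-Z0-9_]*)\s*[=:]\s*['\"]?([^\s'\"\[]{8,})")),
    ("bearer", re.compile(r"(?i)bearer\s+[a-z0-9._~+/=-]{20,}")),
    ("email", re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b")),
]


def scan(text: str) -> list:
    """Report (label, matched_text) pairs without changing the text."""
    return [(label, m.group(0)) for label, pat in PATTERNS for m in pat.finditer(text)]


def redact(text: str):
    """Return (redacted_text, labels_removed_in_pattern_order)."""
    removed = []

    def make_repl(label):
        def repl(m):
            removed.append(label)
            if label == "assignment":
                # Keep the variable name so the note stays readable.
                return f"{m.group(1)}=[REDACTED:{label}]"
            return f"[REDACTED:{label}]"
        return repl

    for label, pat in PATTERNS:
        text = pat.sub(make_repl(label), text)
    return text, removed


def safe_to_sync(text: str) -> bool:
    """True when nothing secret-looking remains."""
    return not scan(text)


# Constructed sample of a MEMORY.md an agent might accumulate (not real data).
SAMPLE_MEMORY = """# MEMORY.md
Working on the OrgX rollout with alice@example.com.
ORGX_API_KEY=orgx_live_0123456789abcdef
Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.abcdefghijklmnopqrstuv
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC
-----END PRIVATE KEY-----
Next step: call orgx_sync after the standup.
"""

if __name__ == "__main__":
    cleaned, removed = redact(SAMPLE_MEMORY)
    print("removed:", removed)
    print(cleaned)
```

Redaction is deliberately aggressive: a false positive costs a human a glance at the `[REDACTED:...]` marker, while a miss sends the value to a third party and into whatever org context comes back. Gate the sync on `safe_to_sync` rather than trusting `redact` alone, so that a new kind of secret the patterns do not cover still blocks until someone looks.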

What this means

An agent using the integration could change task, initiative, artifact, or run state in OrgX.

Why it was flagged

The documented tools can mutate OrgX entities and run state. This is aligned with work orchestration, but the described scope is broad.

Skill content

`orgx_update_entity` — Update status/fields on any entity.

`orgx_run_action` — Pause, resume, cancel, or rollback a run.

Recommendation

Confirm important OrgX updates, cancellations, rollbacks, and broad entity changes before allowing the agent to perform them; treat reversible actions such as pause and resume differently from those that discard or rewind work.
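The gate below shows one way to enforce that confirmation step on the agent side. It is an added example, not part of the advisory or of OrgX: the two tool names come from SKILL.md, but the argument shapes (`run_id`/`action`, `entity_id`/`fields`) and the allowlists are assumptions an operator would replace with their own. Anything the policy does not recognise is held for confirmation rather than run.

```python
"""Confirmation gate for state-changing OrgX tool calls (added example; not part
of the advisory or of OrgX). Tool names are those documented in SKILL.md; the
argument shapes and allowlists are assumptions for illustration."""
from dataclasses import dataclass

# Run actions that discard or rewind work always need a human in the loop.
DESTRUCTIVE_RUN_ACTIONS = {"cancel", "rollback"}
REVERSIBLE_RUN_ACTIONS = {"pause", "resume"}
# Entity fields the agent may change unattended; anything else is escalated.
AUTONOMOUS_FIELDS = {"status", "notes", "progress"}
# Status values that close out work count as important even though "status"
# is otherwise an allowlisted field.
TERMINAL_STATUSES = {"done", "closed", "archived"}


@dataclass(frozen=True)
class Decision:
    allow: bool   # True: may run unattended; False: hold for confirmation
    reason: str


def gate(tool: str, args: dict) -> Decision:
    """Decide whether a proposed tool call may run unattended. Default deny."""
    if tool == "orgx_run_action":
        action = str(args.get("action", "")).lower()
        if action in REVERSIBLE_RUN_ACTIONS:
            return Decision(True, f"run action {action!r} is reversible")
        if action in DESTRUCTIVE_RUN_ACTIONS:
            return Decision(False, f"run action {action!r} discards work")
        return Decision(False, f"unrecognised run action {action!r}")

    if tool == "orgx_update_entity":
        fields = args.get("fields") or {}
        if not args.get("entity_id"):
            return Decision(False, "no entity_id: looks like a bulk or broad change")
        outside = set(fields) - AUTONOMOUS_FIELDS
        if outside:
            return Decision(False, f"fields outside allowlist: {sorted(outside)}")
        if str(fields.get("status", "")).lower() in TERMINAL_STATUSES:
            return Decision(False, f"status {fields['status']!r} closes out the entity")
        return Decision(True, "routine field update")

    return Decision(False, f"tool {tool!r} has no policy entry")


def triage(calls: list) -> tuple:
    """Split proposed (tool, args) calls into auto-run and awaiting-confirmation."""
    auto, pending = [], []
    for tool, args in calls:
        d = gate(tool, args)
        (auto if d.allow else pending).append((tool, args, d.reason))
    return auto, pending


if __name__ == "__main__":
    # Constructed batch of calls an agent might propose after a work session.
    proposed = [
        ("orgx_update_entity", {"entity_id": "task-42", "fields": {"status": "in_progress"}}),
        ("orgx_update_entity", {"entity_id": "task-42", "fields": {"status": "done"}}),
        ("orgx_update_entity", {"fields": {"owner": "someone-else"}}),
        ("orgx_run_action", {"run_id": "run-7", "action": "pause"}),
        ("orgx_run_action", {"run_id": "run-7", "action": "rollback"}),
    ]
    auto, pending = triage(proposed)
    for tool, args, reason in pending:
        print(f"CONFIRM {tool} {args}: {reason}")
    for tool, args, reason in auto:
        print(f"RUN     {tool} {args}: {reason}")
```

The order of checks inside `orgx_update_entity` matters: a missing `entity_id` is refused before the field allowlist is consulted, because a call with no target is the shape a broad or bulk change would take. Keep the default branch at the bottom returning `allow=False`; a new tool added to the skill should land in the confirmation queue, not run by accident.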

What this means

Work context may be visible to other OrgX-managed agents, dashboards, or sessions depending on OrgX configuration.

Why it was flagged

The skill is designed for multi-agent orchestration and model routing, which implies sharing task context across agents or sessions.

Skill content

Connect to OrgX for multi-agent orchestration... Always call `orgx_spawn_check` before spawning sub-agents

Recommendation

Use the integration only in OrgX workspaces where agent/session access boundaries are understood.