ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Agent Network

v1.1.0

Multi-Agent group chat collaboration system inspired by DingTalk/Lark. Enables AI agents to chat in groups, @mention each other, assign tasks, make decisions via voting, and collaborate. Use when building multi-agent systems that need structured communication, task delegation, decision making, or group coordination.

3· 1.5k·4 current·4 all-time
by@howtimeschange
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The code files implement a multi-agent group chat, task management, voting, and a coordinator exactly as the name/description claim. Required resources (no env vars, no external binaries) are proportionate to this purpose.
!
Instruction Scope
SKILL.md and ADVANCED.md describe registering custom message handlers and a WebhookNotifier that POSTs message content to arbitrary URLs. That permits exfiltration of any message content (including sensitive data) to external endpoints. Coordinator.register_agent accepts user-provided handlers that run in-process (in threads) and can perform arbitrary actions (network I/O, filesystem access). The core instructions otherwise stay within the collaboration scope, but these extensibility points materially broaden the attack surface.
Install Mechanism
There is no install spec (lowest installer risk), but the skill ships many Python modules that will be executed when imported. The references show use of the requests library for webhooks but the package declares no dependencies — this may fail at runtime if requests isn't available. No remote download/install URLs are present.
Credentials
The skill declares no required environment variables or credentials, which is consistent with a local multi-agent collaboration tool. However, the webhook examples send data to external URLs (which would require network access) — there is no declaration or guard around that in SKILL.md.
Persistence & Privilege
always:false and default model-invocation behavior are appropriate. The skill writes a local SQLite DB (data/agent_network.db) for persistence — expected for this functionality. It does not request system-wide config changes or other skills' credentials.
What to consider before installing
This skill appears to implement the advertised multi-agent chat and coordination features, but it exposes extensibility points that can send message content to arbitrary external URLs or run arbitrary code via registered handlers. Before installing: 1) Review any custom handlers or webhook URLs you plan to register — they can exfiltrate messages. 2) Run the skill in a sandboxed environment (isolated VM or container) and restrict outbound network access until you trust handlers. 3) Note the skill writes a SQLite DB at data/agent_network.db — inspect that file for sensitive content and set appropriate file permissions. 4) The advanced docs use the requests library but no dependency is declared; ensure dependencies are installed in a controlled environment. 5) There is a minor bug risk: database.init_database can raise an exception if schema.sql isn't found (os.path.exists(schema_path) with schema_path None). If you lack the ability to audit the code thoroughly, treat this skill cautiously and avoid registering untrusted webhook endpoints or handlers.

Like a lobster shell, security has layers — review code before you run it.

latestvk974mhhgsb2jntaz8kzt1z259x80yywe

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments