Pi Coding Specialist

Security checks across malware telemetry and agentic risk

Overview

This skill is purpose-aligned for coding help, but it tells the agent to install and run an external Pi coding sub-agent in project folders, including background runs, without clear approval or containment rules.

Before installing, confirm you are comfortable letting an external Pi coding agent operate inside your repositories. Use it only with explicit approval, preferably on a disposable branch or sandbox, review all diffs before merging, and verify or pin the Pi CLI package before any global npm install.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
Medium
What this means

A sub-agent could make broad project changes or run for a long time in a codebase before the user has reviewed exactly what it will do.

Why it was flagged

The skill directs shell-based execution of an external coding agent inside a project directory, including background mode, without stating approval, scoping, rollback, or review requirements.

Skill content
bash pty:true workdir:/path/to/project background:true command:"pi 'Complex implementation'"
Recommendation

Require explicit user confirmation before running Pi, restrict it to a chosen repository or branch, set a timeout, and require a human-reviewed diff before integrating changes.

ASI10: Rogue Agents
Medium
What this means

A delegated coding agent may continue operating in the background and produce changes that are treated as ready to integrate without a clearly defined user checkpoint.

Why it was flagged

The handoff pattern encourages other agents to detect complex tasks, spawn Pi, monitor it, receive push-based results, and integrate changes, but does not define user approval, session lifetime, stop conditions, or containment.

Skill content
1. **Nexus/Forge detect a complex task** (>5 files)
2. **Spawn Pi sub-agent** with specific context
3. **Monitor progress** via `process:log`
4. **Receive results** push-based
5. **Integrate changes** into the main project
Recommendation

Document and enforce lifecycle controls: who may spawn Pi, when the session stops, how results are reviewed, and how to cancel or revert the task.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

Installing an unpinned global package gives that package code execution on the user’s machine, and the code that gets installed may change over time.

Why it was flagged

The skill asks for a global npm install of the Pi coding agent. This is aligned with the skill purpose, but the dependency is unpinned and the registry metadata does not declare an install specification.

Skill content
npm install -g @mariozechner/pi-coding-agent
Recommendation

Pin the package version, verify the package source before installing, and prefer a documented install spec or manual user-controlled setup.

ASI07: Insecure Inter-Agent Communication
Low
What this means

Private code, task descriptions, or repository context may be exposed to the spawned agent or cloud model depending on the runtime setup.

Why it was flagged

The skill routes project work to a spawned sub-agent using a cloud model and a project working directory. That is coherent for coding delegation, but the artifacts do not describe what project data is shared or retained.

Skill content
openclaw sessions spawn \
  --name="pi-coding-task" \
  --model="qwen3.5:397b-cloud" \
  --workdir="/path/to/project" \
  --prompt="Pi, implementa [task description]. Usa pi CLI para coding."
Recommendation

Use this only on projects where cloud/sub-agent processing is acceptable, avoid including secrets in the repository context, and document data-sharing boundaries.