Agency
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: agency Version: 1.0.1 The OpenClaw AgentSkills skill bundle is benign. It provides comprehensive instructions and templates for an AI agent to assist in managing a service agency, defining a clear operational scope within `~/agency/`. There is no evidence of malicious intent, such as data exfiltration, unauthorized execution, persistence mechanisms, or prompt injection designed to subvert the agent. Notably, `SKILL.md` includes a critical rule: 'Never send proposals or communicate with clients without human approval', which acts as a safeguard against autonomous harmful actions.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Client, team, pricing, and project information may remain on disk and influence future outputs; stale or incorrect records could affect proposals, deliverables, or client communications.
The skill intentionally creates persistent local records containing client history, business knowledge, rates, margins, and team structure for reuse in future agency work.
Agency data lives in ~/agency/... clients/[name].md # Client profile, history, preferences ... knowledge/ # SOPs, learnings, case studies ... config.md # Rates, margins, team structure
Keep the ~/agency/ folder secured, avoid storing unnecessary sensitive information, periodically review or delete outdated records, and require human review before using stored context in client-facing materials.