Skill v1.0.0

ClawScan security

Agency Agents Openclaw · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 6, 2026, 11:12 PM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is an instruction-only bundle that documents 61 agent personalities and orchestration flows; its declared requirements (none) match the files and runtime instructions, and it does not request unexpected credentials or install code.
Guidance
This skill appears internally consistent with its stated purpose: a packaged set of 61 agent personas and an orchestrator. It doesn’t request credentials or install code. Before installing or running: 1) review orchestrator/SKILL.md (the orchestrator coordinates multiple agents and will have the broadest effects); 2) never paste production secrets into agent prompts — some example agent docs show environment-variable names for sample code but they are not required by the skill; 3) be cautious if you adapt any example code that calls external services (Supabase, cloud providers, etc.) — those will need credentials and can access data; 4) treat support/contact addresses and repository URLs in the docs as placeholders until you confirm the publisher identity. Overall the package is coherent and documentation-heavy rather than executable, but verify any integration steps that ask you to provide tokens or to run publish/install commands on your machine.
Findings
[no-findings] expected: The regex-based scanner had nothing to analyze (instruction-only skill). This absence of findings is expected but not evidence of safety; manual review of SKILL.md and agent docs was used instead.

Review Dimensions

Purpose & Capability
ok: The name/description (61 specialized agents + orchestrator) matches the included SKILL.md and the many per-agent markdown files. Nothing in the manifest or SKILL.md asks for unrelated cloud credentials, binaries, or system-level access that would be inconsistent with an agent collection.
Instruction Scope
ok: SKILL.md contains usage examples and orchestration workflows for invoking agents via OpenClaw (e.g. /openclaw skill use ...). The instructions do not direct the agent to read arbitrary host files, exfiltrate data, or call unexpected external endpoints. Some documentation files contain example code snippets that reference typical service env vars (e.g. SUPABASE_KEY, JWT_SECRET) as examples for implementing deliverables, but SKILL.md does not require them at runtime.
Install Mechanism
ok: No install spec and no code files to execute are present; this is instruction-only. That is the lowest-risk install pattern and consistent with the skill's documented usage.
Credentials
note: The skill does not declare required environment variables or credentials. SKILL.md lists optional config env vars (AGENCY_AGENTS_*), which are reasonable. Several agent docs contain example snippets referencing service credentials (Supabase key, JWT_SECRET, etc.) — these are example templates for implementers, not declared requirements. Users should avoid supplying real production secrets to agent inputs unless explicitly needed.
Persistence & Privilege
ok: Flags show always:false and default autonomous invocation allowed; both are appropriate. The skill does not request persistent system-wide privileges or modify other skills. No 'always' privilege or unusual persistence is present.