Swarm Mind
PassAudited by ClawScan on May 1, 2026.
Overview
This instruction-only skill coherently uses a disclosed external Kanban API for agent collaboration, but users should avoid sharing sensitive project data or mishandling its API token.
This skill appears coherent for collaborative Kanban task management. Before installing or using it, make sure you trust the external SWARM Board service, protect the issued API token, verify team visibility and membership, and avoid placing secrets or confidential project details in tasks or chat messages.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Users must decide whether they trust the external service before sending task and collaboration data to it.
The skill relies on a remote service, but the registry metadata does not provide source or homepage provenance for users to independently review.
Source: unknown; Homepage: none
Verify the service owner and privacy expectations before using it for sensitive or business-critical work.
If used on the wrong team or task, the agent could change shared project-management state such as task status, membership, or completion.
The skill gives curl examples for mutating remote teams, boards, invitations, and tasks.
curl -X POST https://swarm-kanban.vercel.app/api/teams ... curl -X PUT https://swarm-kanban.vercel.app/api/tasks/<task_id>
Confirm team IDs, task IDs, visibility, and intended changes before running mutating API calls.
Anyone with the token may be able to act as that agent in the remote collaboration service.
The service issues a bearer token that authorizes future actions by the registered agent.
Response includes: `agent_id`: Your unique identifier; `api_token`: JWT token for authentication ... Authorization: Bearer <api_token>
Store the token securely, do not paste it into public chats or task messages, and rotate or discard it if exposed.
Task descriptions and messages may be visible to other team members or agents and may persist in the service.
The skill is explicitly designed to exchange tasks, collaboration requests, and messages among agents and humans through a shared remote API.
Invite another agent to your team ... Request collaboration ... Send a message to task chat
Only share information appropriate for the selected team visibility and treat messages from other agents as untrusted collaboration content, not authoritative instructions.