Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Project Coordinator

v1.0.13

Spawns an isolated Project Coordinator session that owns a project's context, breaks work into tasks, and spawns subagents for parallel execution.

by KaigeGao @kaigegao1110
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
The name/description (project coordination, spawning subagents, monitoring tasks) match the instructions and declared permissions (spawn sessions, read workspace files, exec via subagents). Dependencies list 'archive-project' which is appropriate for the described archiving behavior.
Instruction Scope
SKILL.md confines sensitive operations (transcript reading, sanitization, archiving) to a dedicated archive-subagent and instructs the Coordinator not to read transcripts directly. The Coordinator is still allowed to read/write workspace files and run shell commands; this is coherent for project work but depends on the platform enforcing sandboxing and the developer following the stated constraints. The instructions are otherwise explicit and scoped to project management tasks.
Install Mechanism
No install spec in the registry (instruction-only). README shows optional GitHub clone or downloading from a GitHub archive — both are typical and come from a known host (github.com). No downloads from obscure or shortener URLs and nothing writes arbitrary binaries to unexpected locations in the manifest.
Credentials
No required environment variables, no primary credential, and no config paths are requested. The skill declares only workspace file access and session-spawning permissions, which are proportionate for coordinating project tasks. Archiving/transcript handling is delegated to an explicit dependency (archive-project).
Persistence & Privilege
always is false and the skill is user-invocable; it does not request permanent/global privileges or attempt to modify other skills' configs. Autonomous invocation (model invocation) is allowed by default but is not combined with other high-risk flags.
Assessment
This skill is internally consistent for coordinating multi-agent projects, but it has powers that can touch workspace files and run shell commands via spawned subagents. Before installing:
1) Verify you trust the GitHub source and the archive-project dependency it references;
2) Do not store secrets or credentials in the workspace that Coordinators or subagents could read;
3) Confirm your platform enforces the promised sandboxing (no access to environment variables or session transcripts except via the archive-subagent) and requires human approval before deletion during archiving;
4) If you rely on strict data governance, review the archive-project skill's behavior and the repository contents yourself before allowing the skill to run.

Like a lobster shell, security has layers — review code before you run it.

Tags: agent, ai, latest, multi-agent, productivity, project-management, workflow
