Agent Workflow
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This appears to be a coherent workflow plugin with disclosed persistent state and subagent-style workflow guidance; no artifact-backed malicious behavior was found.
This plugin looks purpose-aligned for structured project workflows. Before installing, be comfortable with enabling a plugin/tool that stores local workflow state, guides subagent delegation, and may help the agent integrate, deliver, or discard work when you choose those options.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Workflow information may remain available in later sessions and could include sensitive project details if the user or agent stores them there.
The skill intentionally retains workflow state across sessions. That is central to its purpose, but users should understand that project names, notes, and workflow outputs may persist locally.
**Persistent state** — workflow survives session restarts
Avoid storing unnecessary secrets in workflow notes or outputs, and periodically abandon or clean up workflows that are no longer needed.
Information included in subagent prompts may be shared into other agent contexts during execution and review.
The workflow encourages passing task context to executor and reviewer subagents. The artifacts also instruct the agent to use isolated, scoped prompts, so this is purpose-aligned, but it still shares data across agent-context boundaries, which users should be aware of.
Execute a plan by dispatching a fresh subagent per task, with two-stage review after each: spec compliance review first, then quality review.
Keep subagent prompts narrowly scoped, exclude secrets unless truly required, and review what context is being delegated.
If the user selects these options, the agent may make real changes to project files, send deliverables, or delete working copies.
The finishing workflow can lead the agent to modify project outputs, deliver work, or delete drafts. These are expected completion actions and the skill includes verification, option selection, and typed confirmation for discard.
1. Integrate into main project directly ... 2. Submit for review / deliver to stakeholder ... 4. Discard this work
Review the selected delivery option, target location, and files to be removed before confirming integration, delivery, or discard.
It may be harder to independently verify the origin, maintenance history, or upstream changes for this plugin.
The plugin includes executable code but the registry metadata does not provide an upstream source or homepage. This is a provenance limitation rather than evidence of malicious behavior.
Source: unknown; Homepage: none
Install only if you trust the registry owner/package, and prefer versions with clear source provenance when available.
