Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Agent Orchestration Kit
v0.2.0
Set up and manage multi-agent task orchestration on OpenClaw with async dispatch, leader coordination, real-time tracking, and approval workflows.
by kuannnn @kuan0808
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
The name/description (agent orchestration) match the included artifacts: scaffolding templates, AGENTS/SOUL templates, a bash scaffold script, and a Node config patcher that merges orchestration settings into ~/.openclaw/openclaw.json. The declared runtime need for 'node' aligns with scripts/patch-config.js. Nothing requested is unrelated to building or registering multi-agent teams.
Instruction Scope
SKILL.md explicitly instructs creating workspaces, copying templates, and merging changes into the global OpenClaw config (~/.openclaw/openclaw.json). It enables agent-to-agent features (tools.agentToAgent) and sets sessions visibility to 'all', and recommends persistent async sessions and larger token budgets. These are coherent for orchestration, but they expand inter-agent visibility and session behavior beyond defaults — review those changes if you need tighter isolation.
Install Mechanism
This is instruction-only with two local scripts bundled (bash + Node). There is no network download, no external package fetching, and no installer that pulls code from untrusted URLs. Risk is limited to the local scripts writing to your OpenClaw directories.
Credentials
The skill requires no additional credentials or secret environment variables. It relies on standard local state (HOME, ~/.openclaw) and the presence of node/bash. The patcher reads/writes openclaw.json as intended for configuration; no unexplained secret access is requested.
Persistence & Privilege
The patch-config script modifies the global OpenClaw config (agents.list, tools.agentToAgent, sessions visibility, hooks, exec trusted dirs, session token budgets). That level of persistent change is expected for an orchestration onboarding flow but is materially impactful — it's not 'always: true' and will only run if invoked, but it does alter system-wide config and enable internal hooks.
Assessment
This kit appears to be what it says: scaffolding + config merges to enable a leader/spoke orchestration model. Before running anything:
1) Run the provided dry-run options (scripts/patch-config.js --dry-run and scaffold.sh --dry-run) and carefully inspect the output.
2) Back up ~/.openclaw/openclaw.json and any AGENTS.md/SOUL.md files that may be modified.
3) Pay attention to two changes that have security/visibility implications: tools.agentToAgent.enabled and tools.sessions.visibility = "all" (these increase inter-agent visibility), and the large parentForkMaxTokens value (increases token budget for forks). If you want stricter isolation, edit the scripts or config before applying (e.g., limit the agent allow list, set sessions.visibility to a narrower option).
4) Confirm that you trust the local scripts — patch-config.js uses child_process.execSync only to run 'openclaw --version' (a benign version check) and otherwise performs filesystem merges.
5) If unsure, run these scripts in a sandbox or manual mode and review diffs before writing files.
Overall: internally coherent but make a backup and review the dry-run outputs before applying.
scripts/patch-config.js:45
Shell command execution detected (child_process).
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
Like a lobster shell, security has layers — review code before you run it.
