Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Multi Agent

v2.4.0

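Multi-agent coordination design patterns. Use when you need to choose among the coordinator/fork/swarm patterns or design cross-agent collaboration. Not for tool retries (use tool-governance) or context management (use context-memory). See also execution-loop (continuous coordinator execution).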

by_silhouette@lanyasheng
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Benign
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (multi-agent coordination patterns) matches the content: locks, task lists, worktrees, synthesis gates, and review separation are all relevant. However, the SKILL.md contains operational commands that rely on external CLIs (e.g., 'claude'), utilities (jq, git), and env vars (SESSION_ID, WORKER_ID) that are not declared in the skill metadata as required — an inconsistency between claimed 'instruction-only' knowledge and the concrete runtime assumptions.
! Instruction Scope
Instructions include bash hooks, lockfile logic, git worktree operations, file reads/writes, and examples that cat file contents into 'claude -p' prompts. Those instructions will cause local files (research, synthesis, diffs) to be read and potentially transmitted to an external model endpoint when executed. The guide also references PreToolUse/PostToolUse hooks that read tool_input, which implies reading agent tool payloads not declared in metadata.
Install Mechanism
No install spec or code files are present; this is instruction-only so nothing will be written to disk by an installer. That minimizes install-time risk.
! Credentials
The skill declares no required env vars or binaries, but the instructions assume SESSION_ID, WORKER_ID, availability of the 'claude' CLI, and utilities like jq and git. The SKILL.md therefore accesses environment/config that is not declared, creating a proportionality mismatch and possible operational surprises for users.
Persistence & Privilege
The skill is not always-enabled and does not request persistent system-wide privileges. It does not modify other skills or agent configs according to the provided files.
What to consider before installing
This is a design guide (no installer), but its runnable snippets assume tools (claude CLI, git, jq), and env vars (SESSION_ID, WORKER_ID) that the skill metadata does not declare. Before using: (1) review all bash snippets and hooks — they will read local files and may send their contents to remote LLMs (data exposure risk); (2) ensure you only run these scripts in an isolated repo or test environment and never on repos with secrets; (3) provide or vet the SESSION_ID/WORKER_ID semantics in your environment or adapt the scripts to safer identifiers; (4) confirm the 'claude' CLI is authenticated to a model you trust, or replace remote calls with local/safe tooling; (5) if you expect to run these patterns automatically, add explicit requirements for the CLIs and env vars to the skill metadata so the assumptions are visible. Overall the content matches its stated purpose, but the undeclared runtime assumptions and file-transmission behaviors are the reason for caution.

Like a lobster shell, security has layers — review code before you run it.
