Agent Comm Hub Mini
Security checks across static analysis, malware telemetry, and agentic risk
Overview
The skill is a coherent multi-agent communication hub, but it relies on unreviewed external server code and has unclear enrollment and shared-memory boundaries that users should review before installing.
Install only if you are comfortable running and auditing the external hub server code. Pin and inspect the GitHub source, restrict the hub to trusted agents, require controlled registration, and avoid storing sensitive memories or files until access controls and data retention are verified.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
No VirusTotal findings for this skill version.
- Malicious: 0
- Suspicious: 0
- Harmless: 0
- Undetected: 64
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the hub may run code from a remote repository and npm dependencies that were not reviewed in the submitted artifacts.
The reviewed skill package does not include the server source that provides the claimed MCP tools, so users would need to trust and run external code that was not part of this review.
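This repository is the Hub's Skill distribution package (SDK + documentation + install script) and does not contain the server source code. The Hub server is a separate Node.js project that `install.sh` automatically clones from GitHub and builds.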
Pin the GitHub repository to a specific commit, inspect the external server code and lockfile before running it, and prefer an install spec that declares the external source explicitly.
If registration is actually open, unknown agents could obtain credentials and participate in the hub unless the deployed server adds separate invite-code or network restrictions.
The skill says unauthenticated public registration can issue an agent ID and API token. For a hub that stores messages, files, tasks, and memories, unclear enrollment controls create a privilege-boundary concern.
`register_agent` | Register a new Agent and obtain an agent_id and API token (public, no authentication required)
Require invite codes or admin approval for registration, document exactly who can join, and restrict the hub to trusted networks or authenticated clients.
A bad or untrusted agent could add misleading shared memories or experiences that later agents may retrieve and act on.
The hub is designed to persist and share memories, experiences, and strategies across agents, including direct publication of experiences without approval.
`store_memory` | Store a memory, with private/team/global visibility scopes ... `share_experience` | Share an experience (no approval required, published directly) ... `apply_strategy` | Adopt a strategy
Treat shared memories and experiences as untrusted input, record authorship, require approval for global/shared knowledge, and isolate private or sensitive memories by default.
Messages, files, tasks, and memories may flow between different agents connected to the same hub.
The skill intentionally enables communication among many compatible agents, which is purpose-aligned but requires users to define trust and data-sharing boundaries.
Supports any MCP-compatible Agent: WorkBuddy, Hermes, QClaw, Claude Code, OpenClaw, and others.
Only connect trusted agents, separate hubs by project or sensitivity, and avoid sending secrets or private files through shared channels unless access controls are verified.
A connected agent may take hub actions automatically if its own tool-use policy allows it.
Direct LLM access to many tools is central to the skill, but users should notice that the tools can mutate hub state, assign tasks, upload/download files, and manage shared knowledge.
The Agent's LLM can directly call all 53 tools.
Use tool approvals or role-based restrictions for high-impact actions such as broadcast messages, global memory writes, strategy application, file transfers, and admin operations.
