Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Multi Team Coding
v1.0.0 Complete AI-driven programming workflow. Includes: (1) multi-team parallel development (OpenClaw + Claude Code/Codex/OpenCode), (2) one-person company mode (90+ commits in a single day), (3) Playwright automated testing (E2E/API/visual/performance), (4) automatic PR management and merging. Suitable for independent developers, startup teams, ...
by @longfer
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (high confidence)
Purpose & Capability
The stated purpose (orchestrating multi-agent coding + Playwright testing) is plausible and matches the use of claude/codex/opencode agents. However the package metadata omits several real requirements: the scripts call gh (GitHub CLI), git, npm/npx, jq, and Playwright, but required binaries/env in the registry only mention claude/codex/opencode and declare no env vars. That mismatch is incoherent: a user installing this should expect to provide GitHub credentials and Node tooling, but the skill does not declare or document them in the metadata.
Instruction Scope
The SKILL.md and included scripts instruct the agent to read repository contents, produce diffs and git logs, embed those into prompts, push branches, create and auto-merge PRs, and run external agents (claude/codex/opencode). Prompts include code and conflict diffs sent to external agents — if those agents are cloud services this results in repository content being transmitted off-host. The instructions also reference environment variables (e.g. TEST_USER_EMAIL, TEST_USER_PASSWORD, CODEX_MODEL, CLAUDE_MODEL) and tooling (gh auth) that are not declared in the registry metadata.
Install Mechanism
No install spec (instruction-only with shipped example scripts). This minimizes supply-chain install risk because nothing is downloaded during install. However the provided scripts will run many commands at runtime (npm install, gh, git push, npx playwright install), so runtime dependencies exist even though there is no installer to review.
Credentials
The skill requests no environment variables in metadata, but the code expects and references multiple env vars (CLAUDE_MODEL, CODEX_MODEL, TEST_USER_EMAIL, TEST_USER_PASSWORD, possibly CI-related vars) and uses GitHub/Git operations that require credentials. It also uses the user's git remote to push and gh to create/merge PRs — actions that need authenticated credentials (SSH keys or gh auth). Declaring no credentials while performing privileged repo operations is disproportionate and misleading.
Persistence & Privilege
always:false (no forced always-on). The skill is allowed to invoke autonomously (default), which combined with the ability to push branches, create and auto-merge PRs, and run external LLMs increases operational blast radius. The skill does not declare modifying other skills or system config, but autonomous invocation plus networked LLM calls means a compromised or misconfigured agent could perform impactful repo operations.
What to consider before installing
This skill contains runnable scripts that will: read your repository, invoke external coding agents (claude/codex/opencode), push branches, create and auto-merge PRs via gh, and run npm/pip installs and Playwright tests. Before running or installing:
1) Do not run on a sensitive/production repository — test in a disposable repo or VM.
2) Understand authentication: the scripts assume GitHub CLI/git auth but the skill metadata does not request a GH token; supply least-privilege credentials (or use a throwaway repo).
3) Review prompts that get sent to external agents — they embed diffs and code, which can exfiltrate secrets if those agents are cloud-hosted; prefer local models or remove LLM calls.
4) Provide necessary environment variables deliberately (e.g., TEST_USER_EMAIL/PASSWORD only for test accounts), and avoid putting secrets in plain env vars if possible.
5) Audit and run the included scripts line-by-line first (no automatic background runs), and disable any auto-merge steps until you confirm CI and review behavior.
If you need this workflow, request the publisher to update metadata to list required binaries and env vars and to document where prompts are sent (local vs cloud).
Like a lobster shell, security has layers — review code before you run it.
latest: vk97e6k2mknw8y2d6n49j8xzwd582xy0x
Runtime requirements
🚀 Clawdis
Any bin: claude, codex, opencode
