Multi Team Coding
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill can autonomously use your local coding agents and GitHub account to create, push, and merge code changes with limited review.
Treat this as a powerful repo-automation tool, not a passive coding helper. Use it first in a disposable or test repository, require manual PR review and branch protection, restrict which issues and branches it may process, use low-privilege GitHub credentials, pin dependencies, and do not save or commit Playwright authentication state.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malicious or badly written issue could steer an agent to make unsafe code changes or follow instructions outside the intended workflow.
GitHub issue title/body content is placed into prompts and command-like instructions for autonomous coding agents, including full-auto Codex execution.
local issue_body=$(gh issue view $issue_num --json body -q .body) ... git commit -m '$task_type(#$issue_num): $title' ... command:"codex exec --full-auto '$prompt'"
Only process trusted issues, sanitize issue text before placing it in prompts or shell command templates, and require human review before agents execute generated commands or open PRs.
AI-generated changes could be merged into the repository and branches deleted before a person reviews the diff.
The script can automatically merge PRs after checking only a CI status value, with no explicit confirmation step in the merge function.
local ci_status=$(gh pr view $pr_num --json statusCheckRollup -q '.statusCheckRollup[0].state') ... if [ "$ci_status" = "SUCCESS" ]; then ... gh pr merge $pr_num --squash --delete-branch
Make merge actions dry-run by default, require an explicit per-PR confirmation, filter to branches created by this run, and rely on protected branches plus mandatory code review.
Running the skill in a repo where your GitHub account has write or merge privileges gives the automation that same authority.
These commands act through the user's active GitHub CLI authentication and can read issues, create PRs, and merge PRs.
gh issue list --state open --json number,title,labels --limit 50 ... gh pr create --title '$task_type: $title' ... gh pr merge $pr_num --squash --delete-branch
Use a test repository or a least-privilege GitHub token, document the required GitHub permissions, and avoid running it with admin or production-merge privileges.
Multiple autonomous agents may keep editing, testing, committing, and pushing while the user is not actively watching.
The workflow launches background coding-agent sessions and records PIDs so they can continue working outside the immediate foreground interaction.
bash pty:true workdir:$work_dir background:true command:"claude '$prompt'" ... echo $pid > $WORKSPACE_BASE/teams/issue-${issue_num}.pid
Limit concurrency, keep agents foregrounded for risky actions, provide a reliable stop/cleanup command, and require approval before push, PR, or merge steps.
The script may modify the project and download dependencies from external package sources.
The Playwright workflow installs an unpinned npm package and browser dependencies as part of the user-run script.
npm install -D @playwright/test
npx playwright install
Pin dependency versions, review package-lock changes, and declare npm/npx/Playwright requirements clearly before use.
A saved auth-state file may contain session tokens that could be reused if exposed or accidentally committed.
The documentation shows use of test login credentials and saving a reusable browser authentication state file.
await page.fill("input[name=password]", process.env.TEST_USER_PASSWORD); ... await page.context().storageState({ path: authFile }); ... storageState: "playwright/.auth/user.json"
Use dedicated low-privilege test accounts, store secrets in a secret manager or local env only, add auth-state files to .gitignore, and delete or rotate them regularly.
