ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

ClawOrchestrate

v0.1.1

Orchestrate AI agents across multiple machines. Dispatch tasks, monitor progress, and coordinate teams from a central gateway. Works over Tailscale, SSH, or...

0· 55·0 current·0 all-time
by@loop-capital

Install

OpenClaw Prompt Flow

Install with OpenClaw

Best for remote or guided setup. Copy the exact prompt, then paste it into OpenClaw for loop-capital/claworchestrate.

Previewing Install & Setup.
Prompt PreviewInstall & Setup
Install the skill "ClawOrchestrate" (loop-capital/claworchestrate) from ClawHub.
Skill page: https://clawhub.ai/loop-capital/claworchestrate
Keep the work scoped to this skill only.
After install, inspect the skill metadata and help me finish setup.
Required binaries: python3
Use only the metadata you can verify from ClawHub; do not invent missing requirements.
Ask before making any broader environment changes.

Command Line

CLI Commands

Use the direct CLI path if you want to install manually and keep every step visible.

OpenClaw CLI

Bare skill slug

openclaw skills install claworchestrate

ClawHub CLI

Package manager switcher

npx clawhub@latest install claworchestrate
Security Scan
Capability signals
Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (cross-machine orchestration) matches the included files: an HTTP dispatcher, broadcast script, and systemd installer. Required binaries (python3) are appropriate. However the bundle contains hard-coded private IP addresses and specific agent names (PC2/PC3, 'byondedu-ceo', etc.), which leak target topology and are unusually specific for a generic orchestration skill.
!
Instruction Scope
Runtime instructions are inconsistent with the code: SKILL.md Quick Start shows running dispatcher with 'python3 ~/.openclaw/dispatcher.py &' (no --api-key) but dispatcher.py requires --api-key when launched. SKILL.md also claims 'No authentication (Tailscale provides network-level auth)' while the server enforces API key auth. The systemd service templates in both SKILL.md and scripts/setup-service.sh start the dispatcher without passing an API key. The broadcast script expects/uses an Authorization header and an environment variable CLAWORCHESTRATE_KEY, but the package metadata declares no required env vars. The server logs message contents and writes agent output to /tmp logs, which could persist sensitive data. These mismatches can lead to accidental insecure deployments (exposed endpoints, default/insecure key usage, non-starting services) or operational confusion.
Install Mechanism
No external install downloads; the skill is instruction+script only. That is low-risk from supply-chain/install perspective. Files are plain Python and shell scripts; nothing is fetched from arbitrary URLs or installed automatically.
!
Credentials
Metadata declares no required env vars, but scripts expect an API key via command-line (--api-key) and the broadcast script reads CLAWORCHESTRATE_KEY (defaulting to an insecure 'changeme'). The code writes logs to /tmp and to per-agent log files, potentially exposing message contents. There are no other unrelated credentials requested, but the lack of explicit declared env requirements and the insecure default key are disproportionate to safe operation and confusing.
Persistence & Privilege
The skill instructs installing a per-user systemd service (normal for a daemon). It does not request platform-wide privileges or 'always:true'. However the provided systemd unit files omit the required --api-key argument, which will either cause the service to fail to start or, if modified and started without a proper key, lead to a network service listening (default bind 0.0.0.0) that could be reachable beyond Tailscale. This combination increases risk if users follow instructions verbatim.
What to consider before installing
This package looks like an actual dispatcher for OpenClaw agents, but there are important inconsistencies and insecure defaults you should address before installing: - Do not deploy the systemd service as provided: the service files in SKILL.md and scripts/setup-service.sh start dispatcher without the required --api-key argument. That will cause the service to fail or, if edited incorrectly, run insecurely. - Always start dispatcher with a strong API key (use a random secret) and pass it as --api-key; do not rely on the 'changeme' default. The dispatcher enforces API key auth, but the quick-start examples omit it. - Bind address: the default bind in code is 0.0.0.0. For production limit binding to a Tailscale IP or localhost to avoid Internet exposure. Verify the bind you pass via --bind. - Environment variables: update metadata or your deployment docs to record that CLAWORCHESTRATE_KEY is used by scripts/dispatch-all.sh, and never store keys in plaintext in scripts. - Logs and data leakage: dispatcher logs message text and writes openclaw output to /tmp/dispatch-<agent>.log. If messages contain secrets, they will be written to disk. Consider rotating/secure logging or avoiding logging full messages. - Hard-coded targets and agent names: scripts/dispatch-all.sh contains specific IPs and agent IDs. Review and adapt to your own network; do not reuse those addresses or names without understanding them. - Verify OPENCLAW path: dispatcher calls a hard-coded OPENCLAW binary path (~/.local/bin/openclaw). Ensure the path is correct and that the openclaw binary cannot be abused to run arbitrary shell commands with elevated privileges. If you plan to use this skill: review the code locally, fix the systemd unit to include a secure --api-key and a safe --bind, remove insecure defaults, and test in a safe isolated network before deploying to production. If anything in the repository is unclear, ask the maintainer to explain why the documentation omits the required api-key invocation and to remove insecure defaults.

Like a lobster shell, security has layers — review code before you run it.

Runtime requirements

Binspython3
latestvk97c1t85g4c7kc7qce67br7syn85088v
55downloads
0stars
2versions
Updated 1w ago
v0.1.1
MIT-0
@loop-capital
latest
Download

ClawOrchestrate

Cross-machine AI agent orchestration for OpenClaw.

Dispatch tasks from one machine to agents running on another. Monitor progress. Coordinate teams.

What It Does

  • Send tasks to agents on remote machines via HTTP
  • Trigger local openclaw agent commands on remote hosts
  • Simple REST API — works with curl, any HTTP client
  • Tailscale-compatible (secure by default)

Quick Start

1. Install the dispatcher on remote machines (PC2, PC3, etc.)

# Copy dispatcher to remote machine
scp scripts/dispatcher.py user@remote-host:~/.openclaw/dispatcher.py

# Start the dispatcher
ssh user@remote-host "nohup python3 ~/.openclaw/dispatcher.py &"

2. Send tasks from your gateway machine (PC1)

# Dispatch to an agent
curl -X POST http://remote-ip:9876/dispatch \
  -H 'Content-Type: application/json' \
  -d '{"agent":"byondedu-ceo","message":"Read TASKS.md and start building."}'

# Check health
curl http://remote-ip:9876/health

3. Automate with scripts

# Dispatch to all teams
bash scripts/dispatch-all.sh "Daily standup — report progress."

Architecture

┌─────────────┐     HTTP POST      ┌─────────────┐
│   PC1       │ ─────────────────► │   PC2       │
│  (Gateway)  │                    │  (Remote)   │
│             │                    │             │
│  Che (CEO)  │    :9876/dispatch  │  ByondEdu   │
│  sends task │                    │  AgentSocial│
└─────────────┘                    └─────────────┘
                                          │
                                   dispatcher.py
                                          │
                                   openclaw agent
                                   --agent byondedu-ceo
                                   --message "..."

Setup as Systemd Service (Persistent)

On each remote machine:

cat > ~/.config/systemd/user/agent-dispatcher.service << 'EOF'
[Unit]
Description=ClawOrchestrate Agent Dispatcher
After=network.target

[Service]
Type=simple
ExecStart=/usr/bin/python3 /home/%u/.openclaw/dispatcher.py
Restart=always
RestartSec=5

[Install]
WantedBy=default.target
EOF

systemctl --user daemon-reload
systemctl --user enable agent-dispatcher
systemctl --user start agent-dispatcher

API Reference

EndpointMethodBodyResponse
/dispatchPOST{"agent":"id","message":"text"}{"status":"dispatched","agent":"id"}
/healthGET{"status":"ok"}

Security

  • Runs on Tailscale network only (not exposed to internet)
  • No authentication (Tailscale provides network-level auth)
  • Add API key auth for public deployments (see docs/SECURITY.md)

Files

  • scripts/dispatcher.py — The HTTP server (run on remote machines)
  • scripts/dispatch-all.sh — Broadcast script (run on gateway)
  • scripts/setup-service.sh — Systemd service installer
  • docs/ARCHITECTURE.md — Full architecture details
  • docs/SECURITY.md — Security hardening guide

License

MIT — Free for personal and commercial use. Premium features (dashboard, scheduler, analytics) available at claworchestrate.com.

Comments

Loading comments...