Multi-Agent Tenant Upgrade
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing it can permanently change the local OpenClaw UI/gateway until reverted.
The skill changes local OpenClaw source code persistently, so users should verify patch provenance and content before applying it.
This skill applies `git apply` patches against `~/openclaw` and requires a UI + gateway rebuild. Changes are persistent. **Always backup before patching:**
Apply only after reviewing the full patch set, use a git branch or stash backup, and rebuild from a trusted working tree.
The wizard can use your configured model-provider API key and send the wizard description to that provider.
The AI wizard may use local provider credentials or auth profiles to call Anthropic/OpenAI-compatible APIs. The artifact discloses this and says values are not logged or returned.
Auth profile store — searches for the first `api_key`-type profile matching the provider... Environment variable — `ANTHROPIC_API_KEY` or `OPENAI_API_KEY` as a last resort
Use the wizard only if you are comfortable with that provider call; prefer explicit environment variables or a scoped auth profile, and avoid entering secrets in the wizard description.
Anyone with appropriate access to the Control UI/gateway could view searchable prior session messages, which may contain sensitive conversation content.
The new sessions.history RPC reads local JSONL conversation transcripts and returns message text for display/search.
const content = fs.readFileSync(filePath, "utf-8"); ... allItems.push({ role, text, timestamp }); ... items: paged
Use this only in trusted deployments, protect Control UI access, and avoid exposing session history in shared or untrusted environments.
A mistaken save or confirmed delete could alter or remove agent configuration.
The UI wiring can update agent identity/workspace fields and delete agents through gateway RPCs. The flow is visible and user-directed, including delete confirmation state.
state.client?.request("agents.update", p) ... state.client?.request("agents.delete", { agentId })
Review changes before saving, keep backups, and confirm deletion only when you intend to remove that agent.
