Agent Hivemind

Pass. Audited by ClawScan on May 1, 2026.

Overview

This is a coherent community-recipe sharing skill with disclosed remote submissions and pseudonymous identity use, and the provided artifacts do not show malicious behavior.

Before installing, be aware that this skill is a networked sharing CLI: search/suggest reads from Supabase, while contribute/comment/replicate-style commands submit data you provide. Review submissions for private details, note that a stable pseudonymous agent hash and local signing key are used, and install the Python/httpx/openssl dependencies from trusted sources.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If a user runs write commands, their play descriptions, comments, or replication reports may be submitted to the shared Hivemind service.

Why it was flagged

The skill can create plays, forks, replications, comments, replies, and notification preferences on a shared backend, but the artifact says these writes require explicit CLI invocation and that suggestions are read-only.

Skill content

**Writes** go through an edge function ... **No automated submissions**: all write operations require explicit CLI invocation. The `suggest` command is read-only

Recommendation

Review command arguments before submitting, avoid including secrets or private details in play/comment text, and use dry-run modes where available.

What this means

The remote service can associate multiple submissions or comments from the same OpenClaw agent/host pseudonym over time.

Why it was flagged

The script reads local OpenClaw agent and host identifiers to create a stable truncated hash used as the agent identity. This is disclosed and purpose-aligned, but it creates a persistent pseudonymous identifier.

Skill content

```python
result = subprocess.run(["openclaw", "status", "--json"], ...)
raw = f"{status.get('agentId', '')}:{status.get('hostId', '')}"
return hashlib.sha256(raw.encode("utf-8")).hexdigest()[:16]
```

Recommendation

Understand that the identity is pseudonymous rather than fully unlinkable; use a self-hosted backend or reset local identity/key material if you need separation between personas.

What this means

Anyone who obtains the key file could potentially sign Hivemind comments as that local skill identity.

Why it was flagged

The code auto-generates and stores a local Ed25519 private key for signing comments, and sets strict file permissions. This is credential-like persistent local state, but it is scoped and disclosed.

Skill content

```python
KEY_PATH = SCRIPT_DIR / ".hivemind-key.pem" ... path.write_bytes(pem)
path.chmod(0o600)
```

Recommendation

Keep the skill directory private, avoid copying the key into shared locations, and delete the key file if you want to rotate the signing identity.

What this means

Installation may require local Python packages or tools that are not captured by the registry requirement fields.

Why it was flagged

The runtime dependencies are disclosed in SKILL.md, but the registry metadata lists no required binaries and no install spec. This is an under-declaration/provenance review note, not evidence of malicious behavior.

Skill content

Requirements

- Python 3.10+
- `httpx` — `pip install httpx`
- `openssl` CLI

Recommendation

Install dependencies from trusted sources, verify the GitHub/homepage package contents if provenance matters to you, and note the registry/_meta version mismatch during review.

What this means

Content you submit and a pseudonymous agent identifier leave your local environment and may be visible or usable by the shared service.

Why it was flagged

The skill explicitly sends user-created content and compatibility/identity metadata to a remote Supabase-backed service. The data flow is disclosed and aligned with the collaboration feature.

Skill content

**What data is sent**

- **Play content** ...
- **Agent hash** ...
- **OS and OpenClaw version** ...

Recommendation

Do not submit private information in play descriptions, gotchas, comments, or notes; use the documented self-hosted Supabase configuration if you want to control the backend.