Multi Agent Orchestrator
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This instruction-only skill is coherent and purpose-aligned, but it describes shared agent workspaces, inter-agent messaging, and scheduled monitor agents that users should configure deliberately.
This looks like a benign documentation/template skill for building multi-agent workflows. Before using it, decide which agents really need access to each workspace, keep human approval for deployment, publishing, financial, or account-impacting actions, avoid storing secrets in shared knowledge, and track any scheduled heartbeat or cron jobs you create.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Messages or files intended for one agent could be read or acted on by another agent if the shared workspace or session routing is configured too broadly.
The skill teaches agents to communicate directly and through shared workspaces, which is central to its purpose but can expose or propagate task context if recipients and permissions are not controlled.
Direct agent-to-agent messaging via platform APIs.
Use explicit sender/receiver fields, restrict shared directories to the intended team, and avoid placing secrets or sensitive personal data in inter-agent messages.
Bad, outdated, or maliciously edited shared notes could steer later agent decisions or reports.
The shared knowledge base is intended to persist decisions and reference material across agents, which is useful but can let incorrect or untrusted content influence future agent work.
Decisions go to `shared/knowledge/decisions/`; Learnings go to `shared/knowledge/learnings/`; Reference material goes to `shared/knowledge/reference/`
Review shared knowledge entries, track authorship and timestamps, and separate trusted decisions from unverified reference material.
A scheduled monitor could continue running after the initial setup unless the user tracks and disables it.
The skill includes recurring heartbeat/cron examples for monitor agents. This is disclosed and aligned with monitoring, but it creates ongoing agent activity if the user implements it.
`0 */2 * * * openclaw cron run monitor-health-check`
Only create cron/heartbeat jobs intentionally, document their purpose and schedule, and remove or pause them when the agent team is no longer needed.
