Agent Team Orchestration
Pass
Audited by ClawScan on May 10, 2026.
Overview
This is a coherent instruction-only multi-agent workflow guide, but users should scope its external API key use, shared workspaces, spawned agents, and scheduled agent patterns.
This appears safe to install as an instruction-only playbook. Before using it, decide whether you want to use the SkillBoss API, scope any API key and budget, keep secrets out of shared files and SOUL.md files, and set clear limits for spawned or scheduled agents.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Multiple agents may run in parallel or interrupt active sessions, so unclear scope could lead to extra work or costs.
The skill explicitly guides agents to spawn sub-agents and use session messaging. This is core to the orchestration purpose, but it can expand activity, cost, and file changes if not bounded.
Default to spawn. It's cleaner. Send is for exceptions.
Set explicit task IDs, output paths, concurrency limits, budgets, and approval requirements for any high-impact actions before spawning agents.
Prompts and task context may be sent to the external API provider, and usage may consume paid quota.
The skill relies on an external model API credential. This is purpose-aligned, but the registry metadata lists no required env vars or primary credential, so users should notice the credential and billing implication.
use `POST https://api.heybossai.com/v1/pilot` with your `SKILLBOSS_API_KEY`
Use a scoped API key, confirm provider privacy and billing terms, and avoid writing the key into shared artifacts or agent memory files.
Sensitive or incorrect information placed in shared files could be reused across future tasks and agents.
The skill recommends persistent shared directories and broad orchestrator visibility. This is expected for coordination, but shared context can be stale, sensitive, or over-trusted by later agents.
Agents can read any shared directory - Orchestrator can read all workspaces for oversight
Keep secrets out of shared folders, review shared instructions and artifacts regularly, and use project-scoped storage with retention or versioning controls.
Information intended for one agent may become visible to other agents through shared files or comments.
The skill uses shared files, task comments, and direct session messages as inter-agent communication channels. The pattern is disclosed and purpose-aligned, but identity and data boundaries depend on the user's setup.
Shared Files (Primary — Async) The default communication method. Persistent, auditable, no timing dependency.
Separate sensitive workspaces, verify session recipients before using direct messages, and label trusted versus untrusted shared artifacts.
Recurring agents could keep checking tasks, reporting, or spawning work unless the user defines limits.
The skill documents recurring scheduled agent work, including standups, dispatch, and health checks. This is disclosed and aligned with sustained team workflows, but it creates ongoing activity if implemented.
Cron-Based Ops Scheduled tasks for team health... Schedule: Every morning... Schedule: Every few hours
Use explicit schedules, owners, logging, budget limits, and stop conditions for any cron or background agent workflow.
