The Hive Swarm Governance
Security checks across malware telemetry and agentic risk
Overview
This skill is open about its swarm-governance purpose, but it includes autonomous code-change execution and persistent signing-key handling without enough detail about containment or user approval.
Review this skill carefully before use. It may be appropriate for testing swarm-governance workflows, but do not let it control real projects or agent behavior unless you have verified the external API, CLI implementation, key handling, and safeguards around automatic code execution.
VirusTotal
66/66 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A swarm vote could result in code or agent behavior changing automatically, potentially without the user reviewing the final change at execution time.
The artifact explicitly describes automatic execution of approved code diffs, but the provided materials do not define the execution environment, containment, rollback, or final user approval process.
"Autonomous Execution" | "Approved code diffs execute automatically with dry-run and safety checks."
Use only in an isolated environment unless you can verify the execution target, safety checks, rollback plan, and human-approval controls.
If the private key or backup password is exposed, someone else may be able to act as the agent in the swarm.
The skill relies on a private key that authorizes future swarm actions such as vouches, votes, and proposals; this is expected for the purpose but sensitive.
"Save your private key securely. You'll need it to sign all future actions."
Store keys and .hive backups securely, avoid putting real passwords directly in shell commands, and verify how the CLI stores or uses private keys before relying on it.
Users may need to obtain and run external code that was not included in this scan.
The documentation references a CLI and dependencies, while the supplied package is instruction-only with no install spec or reviewed CLI code included.
"API & CLI | REST API + full CLI for all operations." and "python cli.py onboard"
Before running any CLI from the linked repository or elsewhere, inspect the source, verify the repository and API endpoint, and use a constrained environment.
Agent identifiers, metadata, vouch reasons, votes, proposal diffs, public keys, and signatures may be sent to or stored by the Hive service.
The skill directs agents to use an external live API for onboarding, vouching, voting, and proposals, which creates cross-agent data flows.
"Live API: https://the-hive-o6y8.onrender.com"
Do not submit sensitive private information in metadata, vouch reasons, or proposal diffs, and review the service’s retention and trust model before use.
