Skill v1.8.0

ClawScan security

Agent Harness · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 7, 2026, 3:45 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill is an instruction-only 'agent harness' that provides a layered workflow for planning, research, and multi‑agent coordination; its files, instructions, and requirements are coherent with that purpose and it does not ask for unrelated credentials or install arbitrary code.
Guidance
This skill appears coherent and is just a set of instructions/templates for multi-step work and multi-agent coordination. Before installing: (1) Confirm you are comfortable with agents spawning sub-sessions (sessions_spawn / sessions_yield) in your environment; (2) Decide and control the workspace path used for subagent output files (the skill recommends writing reports to {user workspace}/subagent_reports/) so you know where files will be written; (3) If you run this in an environment with sensitive files, restrict the agent's filesystem permissions or avoid granting it write access to sensitive locations; (4) Because the skill can be invoked autonomously (platform default), consider whether you want it able to launch parallel sub-agents without explicit confirmation. Overall the behavior matches the described purpose, but pay attention to filesystem and session-level capabilities when you enable it.

Review Dimensions

Purpose & Capability
ok: Name/description (Agent Work Framework / workflows for research, plan, subagents, context, analysis) match the actual contents: markdown workflows, templates, and instructions for pipeline + workflows. No unrelated env vars, binaries, or external services are requested.
Instruction Scope
note: SKILL.md instructs the agent to load the included reference files and to use OpenClaw session APIs (sessions_spawn, sessions_yield, sessions_send) for subagent orchestration. It also recommends subagents write full outputs to a user workspace path (e.g., {user configured workspace}/subagent_reports/) and for the parent to confirm file existence. This file-write / session spawn behavior is coherent with multi-agent coordination but is operationally significant (requires filesystem and session APIs).
Install Mechanism
ok: Instruction-only skill with no install spec, no downloaded code, and no declared dependencies — lowest install risk.
Credentials
ok: No environment variables, credentials, or config path requirements are declared. The instructions reference a user-configured workspace (TOOLS.md) but do not request secrets or unrelated credentials; this is proportionate for a multi-agent reporting workflow.
Persistence & Privilege
ok: always:false and default model-invocation behavior. The skill does not request persistent elevated privileges or modify other skills. It does recommend writing subagent output files to a user workspace, which implies filesystem use but doesn't change skill privilege settings.