Agent Hive
v1.0.2Create and manage multi-agent teams in OpenClaw with shared workspace, budget governance, and mesh networking. Use when: (1) adding a new agent to an existin...
⭐ 0· 435·1 current·1 all-time
byNissan Dookeran@nissan
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The name/description match the provided assets: scripts to create agent workspaces and a Python audit that enforces budget rules. Required capabilities (reading/writing ~/.openclaw, managing BUDGET.json, symlinking shared resources) are appropriate for multi-agent workspace management. No unrelated credentials or external services are requested.
Instruction Scope
Runtime instructions read/write many files under $HOME/.openclaw, create symlinks, create BUDGET.json entries, and instruct a gateway restart (launchctl). There are no network outbound endpoints or exfiltration points in the provided code. However, the instructions recommend running the audit automatically from a heartbeat which will autonomously update BUDGET.json and governance log files (including automatic demotion logic); restarting the gateway via launchctl affects a system service and is macOS-specific but the skill has no OS restriction.
Install Mechanism
This is instruction-only with bundled scripts; there is no external install/download step, no package pulls, and no remote code fetch. The scripts are included in the skill bundle, so no additional network risk is introduced by an installer.
Credentials
The skill requests no environment variables or credentials. It operates on user-local files under ~/.openclaw, which is proportional to its purpose. Note: scripts hardcode the Australia/Sydney timezone and include a small hard-coded AGENT_MAP, which are configuration choices rather than secrets but may need adjustment.
Persistence & Privilege
always is false and autonomous model invocation is allowed (platform default). The budget_audit.py script can autonomously change BUDGET.json (including setting status to 'demoted') and append governance events; if you wire this into an automated heartbeat the system will perform privilege changes (demotions) without an additional human step. That behavior is consistent with the described governance model but is operationally impactful and should be reviewed before enabling automation.
Assessment
This skill appears to do what it says: create agent workspaces, manage budgets, and enforce demotions. Before installing or enabling it broadly: 1) Review and test scripts in a safe environment — run create_agent.sh and budget_audit.py on a copy of your workspace, not production data. 2) Backup ~/.openclaw/openclaw.json and workspace directories so you can recover from accidental edits. 3) Verify the launchctl restart step is appropriate for your OS (it's macOS-specific) and that you have permission to restart the gateway; replace with your platform's service manager if needed. 4) Inspect and, if required, edit the hard-coded AGENT_MAP and timezone in budget_audit.py to match your deployment. 5) Decide whether to run the audit manually or wire it into a heartbeat; automated audits will rewrite BUDGET.json and can automatically demote agents per the policy — ensure that behavior aligns with your operational expectations. 6) Confirm file permissions and that symlink targets are correct (to avoid accidental linking to unexpected directories). If you need higher assurance, ask for an attestation or run the scripts under limited privileges first.Like a lobster shell, security has layers — review code before you run it.
latestvk9793hjc7amje7bryrrb8esc4s83r78p
License
MIT-0
Free to use, modify, and redistribute. No attribution required.