Mistral Agents Orchestrator

Pass

Audited by VirusTotal on May 11, 2026.

Overview

Type: OpenClaw Skill
Name: mistral-agents-orchestrator
Version: 1.0.1

The skill bundle implements a legitimate multi-agent orchestration system for generating bedtime stories using Mistral, ElevenLabs, Tavily, and Gemini APIs. The code in `scripts/orchestrator.py` correctly manages API keys for outbound requests to these services, and the `SKILL.md` documentation accurately reflects the system's architecture and security considerations without any signs of malicious intent, data exfiltration, or unauthorized execution.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Using the skill could create persistent agents in the user's Mistral account and potentially incur API usage or account clutter without a clear separate approval step.

Why it was flagged

A normal chat API path invokes setup code that creates Mistral agents using the account API key; the visible artifacts do not show a separate user confirmation, idempotent setup check against existing remote agents, or cleanup path.

Skill content

@router.post("/api/agent/chat") ... _setup_handoff_agents(client) ... client.beta.agents.create(

Recommendation

Make agent creation an explicit setup command, document expected persistent resources and costs, verify existing agents before creating new ones, and provide a cleanup/delete procedure.

What this means

A user may expect only Mistral access, but the skill can also use ElevenLabs and Tavily accounts and send prompts/text/search queries to those services if those keys are present.

Why it was flagged

The code reads additional provider credentials and later posts to ElevenLabs and Tavily, while the supplied requirements and SKILL metadata declare only MISTRAL_API_KEY as required.

Skill content

ELEVENLABS_API_KEY = os.environ.get("ELEVENLABS_API_KEY", "")
TAVILY_API_KEY = os.environ.get("TAVILY_API_KEY", "")

Recommendation

Declare all optional credentials and network destinations in metadata, explain when each provider is used, and require user approval before invoking non-Mistral provider actions.

What this means

Sensitive details placed in a conversation may be carried into delegated agent calls and retained in provider conversation context.

Why it was flagged

The core handoff design intentionally shares conversation context with specialist agents, which is expected for orchestration but important for users handling sensitive prompts.

Skill content

Specialists ... Receive delegated tasks with full conversation context ... Context is preserved automatically.

Recommendation

Avoid placing secrets or unnecessary personal data in orchestrated conversations, and document context-sharing and retention expectations clearly.

What this means

If a user runs this script, behavior may depend on an unreviewed local or external prompt_cache module.

Why it was flagged

The code imports a module that is not present in the provided file manifest and there is no install spec describing its source or version.

Skill content

import prompt_cache

Recommendation

Include the referenced module or remove the import, and provide a dependency manifest with pinned package sources.