AGI Farm
WarnAudited by ClawScan on May 10, 2026.
Overview
AGI Farm is clear about building an AI team, but it also creates persistent background automation that can keep launching agents and using connected services.
Review this skill carefully before installing. It is not shown to exfiltrate data or hide behavior, but it is designed to create a long-running autonomous agent system. Start in dry-run/manual mode, inspect generated crons and LaunchAgents, restrict agent permissions and GitHub credentials, monitor costs, and keep the generated workspace files private.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Agent sessions may keep starting in the background, consuming model quota and changing workspace state until the cron or LaunchAgent is disabled.
The included dispatcher is designed to run persistently and automatically in execute mode, launching agent work on a schedule.
Cron (every 1 min, full-auto): * * * * * python3 ~/.openclaw/skills/agi-farm/auto-dispatch.py ... --execute
Install only if you want persistent automation. Before enabling setup, review the registered crons/LaunchAgents, set cost limits, and document a clear stop/uninstall procedure.
A generated or modified task/inbox entry can cause agents to run with whatever tools and permissions those OpenClaw agent profiles have.
The dispatcher directly invokes OpenClaw agent sessions from task state and detaches them as background processes.
subprocess.Popen([OPENCLAW, "agent", "--agent", agent_id, "--message", msg], ... start_new_session=True)
Use dry-run mode first, inspect TASKS.json and inbox files before enabling --execute, and restrict agent tools/permissions to the minimum needed.
Any process or user able to write the workspace inbox/broadcast files could influence what agents do next.
The design uses shared files as the command channel between agents, but the artifacts do not describe sender identity checks, message authentication, or permission boundaries for those files.
C->>I: Write task to agent inbox ... A->>I: Reads inbox ... A->>A: Executes task ... A->>O: Writes result to outbox
Keep the workspace private, review inbox/broadcast files before dispatch, and add origin metadata or approval checks for tasks created outside the orchestrator.
If enabled, the skill may create or update a GitHub repository under the user's authenticated account.
The skill can use the user's GitHub CLI authentication to create or push a bundle when the GitHub workflow is selected.
`/agi-farm export` | Push bundle to GitHub ... `gh auth login`
Use a dedicated or least-privilege GitHub account/token and verify repository visibility before exporting.
Users must trust and inspect the packaged code and manually ensure the expected CLI tools and dependencies are present.
The registry metadata does not declare provenance or the runtime dependencies that the README and included scripts expect.
Source: unknown; Homepage: none; Required binaries: none; No install spec — this is an instruction-only skill.
Verify the package source, inspect the included Python scripts before running setup, and prefer pinned/documented dependency installation.
Old or edited instructions in the generated workspace can affect future agent behavior.
The skill creates persistent persona and communication files that agents will reuse as context across tasks.
SOUL.md personas, comms infrastructure (inboxes/outboxes/broadcast)
Review and periodically clean SOUL.md, inbox, outbox, and broadcast files, especially before using the team for sensitive work.