Back to skill
Skillv2.1.9
ClawScan security
Agent Team Skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 31, 2026, 4:02 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code, instructions, and requested resources are consistent with a local team-management tool and OpenClaw plugin — it reads/writes a local JSON file and injects team info into agent context; nothing requests unrelated credentials or external network access.
- Guidance
- This skill appears internally consistent and operates on local files only. Before installing: 1) Inspect ~/.agent-team/team.json (or set AGENT_TEAM_DATA_FILE to a custom path) and back it up if needed — the reset command deletes it. 2) Note that installing the plugin requires adding files/symlink under your OpenClaw extensions (~/.openclaw/extensions) or editing ~/.openclaw/config.json, which grants the plugin code the ability to run inside your OpenClaw instance and inject team data into system prompts (expected behavior). 3) Verify the claimed 'progress recording' behavior if you rely on it (I didn't see code writing memory/YYYY-MM-DD.md). 4) Because the plugin injects data into agent context, avoid putting secrets or sensitive data in team.json. If you want tighter control, keep the plugin disabled (config.enabled=false) and call the CLI manually instead.
Review Dimensions
- Purpose & Capability
- okName/description (agent team management) match the included pieces: a CLI Python script (scripts/team.py) for CRUD on ~/.agent-team/team.json and an OpenClaw plugin (integrations/openclaw/agent-team) that injects that data into the agent's system context. Required binary (python3) is appropriate and proportional.
- Instruction Scope
- noteSKILL.md limits runtime behavior to running the provided Python CLI (list/update/reset) and describes the plugin injection behavior. The script only reads/writes the configurable local data file (default ~/.agent-team/team.json) and honors an optional AGENT_TEAM_DATA_FILE env var. One minor inconsistency: documentation mentions 'Progress Recording in memory/YYYY-MM-DD.md' but I did not find code that writes such memory files — verify whether that feature is implemented or just documented.
- Install Mechanism
- okNo automated install spec is present (instruction-only); plugin installation instructions ask the user to symlink or add the plugin path to OpenClaw config. No downloads or remote installs are performed by the skill files themselves.
- Credentials
- okThe skill requests no secrets or external credentials. The only environment-related behavior is optional: the script will read AGENT_TEAM_DATA_FILE if set (used for test isolation/custom paths). The reset command will irreversibly clear ~/.agent-team/team.json — that is expected but should be used with care.
- Persistence & Privilege
- noteThe plugin, when installed into OpenClaw extensions, registers a before_prompt_build hook and will automatically append team context to system prompts for the current leader agent. This gives the plugin a persistent execution point inside the agent runtime (normal for a plugin) but is not forced 'always:true'. Keep in mind this means leader agents will automatically receive the team data without invoking the CLI.