Openclaw Skill Gastown

Warn

Audited by ClawScan on May 10, 2026.

Overview

The skill is coherent for multi-agent coding, but it gives autonomous background agents broad command and code-merge authority with limited explicit approval boundaries.

Install only if you intentionally want a persistent multi-agent coding system. Run setup manually, pin dependency versions if possible, use isolated branches or worktrees, require explicit approval before merges or broad fixes, and inspect/stop background Gas Town workers when finished.

Findings (8)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A mistaken or overbroad task could lead to many workspace-changing commands being run without the user reviewing each command first.

Why it was flagged

The skill explicitly assigns the agent direct command execution authority for the orchestrator, rather than limiting it to user-reviewed instructions.

Skill content

You operate the system directly - users never run terminal commands themselves. You execute all `gt` and `bd` commands via Bash

Recommendation

Use this only in trusted repositories or disposable worktrees, and require explicit approval before spawning workers, running broad fixes, or merging results.

What this means

Agents or services may keep operating on queued work after the initial request, consuming resources or changing repository state.

Why it was flagged

The architecture includes background daemon behavior and periodic nudging, showing activity that can continue beyond a single user prompt.

Skill content

Deacon ⚙️ Infrastructure daemon. - Background patrol loop - Health checks, session monitoring - Nudges agents periodically

Recommendation

Make start/stop controls explicit, verify what processes are running, and shut down Gas Town services when the task is complete.

What this means

A bad instruction or flawed worker change could propagate from one branch into the main codebase.

Why it was flagged

Parallel worker outputs can flow through an automated merge queue into the main branch; the shown artifacts do not specify a human approval gate for that review.

Skill content

Refinery 🦡 Merge queue processor. - Processes polecat branches from merge queue - Merges to main after review

Recommendation

Require human code review or pull-request approval before any merge to main, and run the system on feature branches by default.

What this means

The skill may consume the user's Claude Code account quota and operate with the local CLI's workspace access.

Why it was flagged

The skill relies on local Claude Code processes, which likely use whatever Claude CLI account/session the user has configured.

Skill content

Each polecat is independent Claude Code process

Recommendation

Confirm which Claude account is logged in, monitor usage, and consider a dedicated account or workspace for large agent swarms.

What this means

A future upstream change could alter behavior from what was reviewed here.

Why it was flagged

The setup script installs remote dependencies using `@latest`, so the installed code can change over time.

Skill content

go install github.com/steveyegge/gastown/cmd/gt@latest ... CGO_ENABLED=0 go install github.com/steveyegge/beads/cmd/bd@latest

Recommendation

Pin reviewed versions of `gt` and `bd`, and inspect upstream repositories before running setup.

What this means

Running that command carelessly could remove or replace system-level Go files.

Why it was flagged

The documentation contains a privileged destructive setup command. It is not shown as automatic, but it can delete an existing system Go installation.

Skill content

sudo rm -rf /usr/local/go && sudo tar -C /usr/local -xzf go1.24.12.linux-amd64.tar.gz

Recommendation

Do not run privileged setup commands automatically; verify paths and prefer the provided user-local setup approach when possible.

What this means

Stale or incorrect persisted instructions could influence later agents or tasks.

Why it was flagged

The skill deliberately persists work state and task context so future agents can resume from it.

Skill content

Git-backed persistent state (hooks) - Work tracking (beads/convoys)

Recommendation

Inspect and clean persisted hooks, Beads data, and work queues between unrelated projects or after sensitive tasks.

What this means

Mistaken or spoofed local agent messages could trigger work transitions or completion signals.

Why it was flagged

Workflow control depends on messages between agents, but the shown artifacts do not describe identity checks or message-origin boundaries.

Skill content

Mail System 📬 Inter-agent communication ... Special messages: SWARM_START, SWARM_COMPLETE, POLECAT_DONE, MERGED

Recommendation

Use the mail system only within trusted local workspaces and review routes, mailboxes, and attached work before letting agents act on them.