auto-complex-task-planner
ReviewAudited by ClawScan on May 10, 2026.
Overview
The skill matches its stated task-planning purpose, but it can automatically create/run queued sub-agents for broad or bulk/delete tasks without clear approval, data-boundary, or retention controls.
Review this skill carefully before installing. It is most appropriate if you are comfortable with automatic sub-agent delegation. Avoid using it for sensitive, destructive, or broad bulk operations unless you add explicit confirmation, monitor queued/running sub-agents, and understand what is stored under the OpenClaw workspace memory/temp paths.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may start multiple helper agents or continue queued work later, consuming resources or taking actions after the user expected the task to be inactive.
The skill explicitly promotes automatic sub-agent creation and later idle execution, but the artifacts do not define a user approval, queue review, stop, or cancellation boundary.
Just use naturally! The skill automatically detects complex tasks ... Creating 3 sub-agents (parallel execution) ... Will execute when idle
Require explicit confirmation before launching or queuing sub-agents, show all queued/running agents, and provide clear stop/cancel controls and hard concurrency/time limits.
A broad or deletion-related request could be delegated too readily to a running sub-agent before the user reviews the exact scope.
Bulk, all, and delete keywords are explicitly routed into the automatic sub-agent workflow, but the skill does not document confirmation, dry-run, scope checks, or rollback safeguards for potentially destructive tasks.
### 自动使用子 agent ... **批量** | 批量、全部、所有、删除 | "批量删除 XXX"
Add mandatory confirmation and a dry-run/preview step for bulk, all, delete, account-changing, or file-changing actions, and require the user to approve the exact target scope.
Sensitive task details may be shared with helper agents whose access boundaries are not clear to the user.
The artifact shows user task content being passed into separate sub-agent runtimes, but it does not specify what context, tools, files, or permissions those sub-agents receive.
"subagents": [{ "label": "research-a1b2c3d4-0", "task": "Research Beijing Xinfadi agricultural products market...", "runtime": "subagent", "mode": "run" }]Document and enforce sub-agent context isolation, tool permissions, and data-sharing limits; ask before sending sensitive task content to sub-agents.
Task details may remain in local records after the immediate conversation.
The skill records task lifecycle information persistently for progress and statistics, which may include user task descriptions or sensitive work context.
新增 JSON 格式任务记录 ... 任务进度追踪 ... 每日统计报表
Disclose exactly what is stored, where it is stored, how long it is retained, and provide a simple command or setting to clear task history.
Users have less information for verifying where the executable script came from or how it is intended to be installed and run.
The package includes a Python script but has limited provenance information and no install specification; this is not malicious by itself, but it reduces reviewability.
Source: unknown; Homepage: none; Install specifications: No install spec; Code file presence: scheduler.py
Publish a verifiable source/homepage, include all referenced package files, and document exactly how scheduler.py is invoked.