Agent Swarm
v1.7.19IMPORTANT: OpenRouter is required. Routes tasks to the right model and always delegates work through sessions_spawn.
⭐ 3· 2.2k·22 current·26 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidencePurpose & Capability
Name/description (task router that delegates via sessions_spawn to OpenRouter models) matches the included code and config. The skill only requires knowledge of OpenRouter-model IDs and an OpenClaw platform OpenRouter API key (configured in platform settings, not provided by the skill). No unrelated env vars or binaries are requested.
Instruction Scope
SKILL.md instructs the orchestrator to call the included router script (via subprocess with list args) and then call sessions_spawn — this stays within the declared purpose. Two things to note: (1) the router code will make outbound requests to fetch OpenRouter model metadata (openrouter.ai), and (2) the router appends an audit line containing a truncated task string to OPENCLAW_HOME/logs/agent-swarm-delegations.jsonl. Both behaviors are consistent with routing/orchestration but are persistence and network actions you should be aware of.
Install Mechanism
No install spec provided (instruction-only skill) and the included Python script runs when invoked. No downloads, external installers, or archive extraction are requested by the skill metadata.
Credentials
The skill requests no secrets or required environment variables. It uses OPENCLAW_HOME if set (defaults to ~/.openclaw) and reads openclaw.json for tools.exec.host and tools.exec.node. It may import the openclaw Python module if available. These accesses are coherent with the skill purpose, but they are read/write operations (it creates a local logs directory and writes JSONL audit entries). If you store secrets in openclaw.json or have policy-sensitive content in task strings, be aware of this file access and the audit log persistence.
Persistence & Privilege
always is false and the skill does not request platform-wide privileges. The only persistent side-effect is writing an audit JSONL file under OPENCLAW_HOME/logs and recommending validated config patches (whitelisted to tools.exec.*). It does not modify other skills or global agent settings.
Assessment
This skill appears to do what it claims: route tasks to OpenRouter-backed models and spawn sub-agents. Before installing, confirm: (1) Your OpenClaw platform has OpenRouter configured (API key stored in platform settings) since the skill expects OpenRouter-model IDs but does not itself hold that key. (2) You are comfortable with the skill reading $OPENCLAW_HOME/openclaw.json (it says it only reads tools.exec.host and tools.exec.node) — verify that file does not contain gateway secrets or other sensitive data you don't want read. (3) The router will write an audit log line (truncated task text, tier, model, timestamp) to OPENCLAW_HOME/logs/agent-swarm-delegations.jsonl — if you are concerned about storing task content on disk, plan for log management or disable the skill. (4) The script makes outbound requests to openrouter.ai to validate model IDs; if you operate in an air-gapped environment or want no network calls, review/modify the code. If you need higher assurance, review scripts/router.py in full (the implementation is present in the package) before enabling. Overall this is internally coherent with its described purpose.Like a lobster shell, security has layers — review code before you run it.
latestvk979r633q5fhn9f1bxhb7avafh82gd7s
License
MIT-0
Free to use, modify, and redistribute. No attribution required.