Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Agency Agents
v1.0.0193 AI Expert Agents for OpenClaw. Engineering, Design, Marketing, Product, and China Market specialists. Triggers: agency agents, AI experts, expert roles,...
⭐ 0· 42·0 current·0 all-time
by@sky-lv
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The SKILL.md describes a library of 193 agent roles and workflows which matches the name, but the registry metadata lists no install steps or required binaries while the README instructs users to 'git clone' a GitHub repo and run './scripts/install.sh' and 'npx agency-orchestrator'. The metadata and declared requirements do not align with the operations the skill itself asks to perform (git, bash, node/npm/npx, network access).
Instruction Scope
The instructions direct the agent to download code from an external GitHub repo and execute an install script; they also show examples running npx and invoking an orchestrator. Executing arbitrary install scripts and npx packages at runtime gives the skill broad discretion to modify disk, network, and runtime behavior beyond the described agent-role content. The SKILL.md does not instruct explicit safety checks or sandboxing before running those scripts.
Install Mechanism
Although there is no formal install spec in the registry, the SKILL.md relies on cloning https://github.com/jnMetaCode/agency-agents-zh.git and running ./scripts/install.sh and npx commands. GitHub is a common host, but these are arbitrary repository scripts and npm packages (npx) which will fetch and execute code — a moderate-to-high risk install pattern especially when the upstream owner is unverified and no integrity checks are provided.
Credentials
The registry declares no required environment variables or primary credential, and SKILL.md does not explicitly ask for keys. However it references integrations with multiple third-party tools (Claude, Copilot, etc.) and an install script that likely needs network access and may prompt for or configure credentials later. The absence of declared credentials is an inconsistency the user should clarify.
Persistence & Privilege
The skill is not marked 'always', but the installation instructions indicate writing files to disk (cloning a repo, running an install script that 'installs to OpenClaw') and using npx to run packages — these operations can create persistent artifacts or modify runtime configuration. The registry does not describe what the install script will change, so the persistence and privileged actions are unclear.
What to consider before installing
This skill appears to be a curated library of agent roles, but the SKILL.md instructs you (or the agent) to clone a third‑party GitHub repo and run its install script and npx packages. Before installing or invoking it: 1) Inspect the repository and open ./scripts/install.sh and any referenced packages to see exactly what will run; 2) Prefer running installs in a sandbox or disposable environment; 3) Verify the upstream repo owner and check for forks or an official upstream; 4) Ensure you have reviewed any prompts for API keys or tokens and do not supply secrets blindly; 5) Ask the publisher to add an explicit install spec, list required binaries (git, node/npm), and declare any environment variables or permissions the installer needs. If you cannot review the code, treat the install as high risk and avoid running it on sensitive systems.Like a lobster shell, security has layers — review code before you run it.
latestvk9738jrcg66cv2bftbjs693b7x84nxy8
License
MIT-0
Free to use, modify, and redistribute. No attribution required.