RLM Controller
PassAudited by ClawScan on May 1, 2026.
Overview
RLM Controller appears coherent and purpose-aligned, with disclosed bounded sub-agent and local-script use, but users should be aware it stores temporary context and can spawn subcalls by default.
This skill looks reasonable for large document, log, or repository analysis. Before installing, decide whether automatic subcalls are acceptable, keep redaction enabled for sensitive inputs, and clean up scratch artifacts when finished.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
During large-document tasks, the agent may create sub-agent sessions and run the bundled helper scripts automatically.
The skill can run bundled local helper scripts and spawn sub-agent sessions without per-call confirmation unless the operator changes configuration. This is disclosed and bounded, so it is a note rather than a concern.
Uses OpenClaw tools: `read`, `write`, `exec`, `sessions_spawn` ... In default mode, the model may invoke this skill autonomously; all operations remain bounded by policy limits
Use the default only if bounded autonomous batching is acceptable; set disableModelInvocation to true if you want explicit confirmation before each exec or spawn action.
Sensitive documents, goals, or log details could remain in local scratch files after a run.
The skill stores copies of input context and generated subcall prompts locally. Redaction is enabled for subcall prompt copies, but original context and logs may remain until cleanup.
Store context under `<workspace>/scratch/rlm_ctx/` or skill-local tmp dirs ... Subcall prompts have secrets redacted by default ... Purge temp files when done (optional cleanup step)
Keep redaction enabled, avoid disabling it for sensitive inputs, and run the cleanup script or set retention rules appropriate for your data.