ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Clawflow

v1.0.0

Protocol for multi-agent collaboration via OpenClaw's message-passing and recursive task DAGs. Use this skill whenever the user wants to coordinate work acro...

0· 1.3k·18 current·20 all-time
by@srikanth235
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (multi-agent coordination) match the delivered artifacts: SKILL.md documents a message/DAG protocol and the code provides helpers to create dispatch/reply/task files and to initialize workspace directories. All external interactions are via the OpenClaw CLI (openclaw agents list, openclaw agent, openclaw config), which is exactly what a coordination skill would need.
Instruction Scope
Runtime instructions are specific: log incoming messages to mailbox/, create tasks/ task.md files, decompose DAGs, and dispatch via openclaw CLI. They do not instruct the agent to read unrelated system files, fetch resources from arbitrary web URLs, or exfiltrate secrets. They do require writing and reading workspace files (IDENTITY.md, SOUL.md, AGENTS.md, mailbox/, tasks/) which is consistent with the stated workspace-based design.
Install Mechanism
No install spec is provided (instruction-only with helper scripts included). The included Python files do not download or execute remote code; they only write local files and call the OpenClaw CLI. This is a low-risk, expected form factor for a protocol/utility skill.
Credentials
The skill requires no environment variables or external credentials. Its subprocess calls use the OpenClaw CLI to read configuration and agent lists; that is proportional to a coordination protocol. No secrets or unrelated service keys are requested.
Persistence & Privilege
always is false and the skill does not request elevated/system-wide privileges. It creates directories and files inside the agent's workspace only (mailbox/, tasks/), which is consistent with its purpose and expected persistence scope.
Assessment
This skill appears to do what it says: implement a local protocol for coordinating OpenClaw agents using the OpenClaw CLI and workspace files. Before installing, review and accept these practical consequences: it will create mailbox/ and tasks/ directories under whatever workspace you initialize (local file writes), it will call the openclaw CLI to read agent config and to dispatch messages (so ensure openclaw is installed and configured), and dispatch messages must include whatever context you send — do not include secrets or private data in task messages. Also review which agents are reachable via openclaw agents list and your subagents.allowAgents settings (restrict to trusted peers if needed). If you want extra assurance, inspect message.py and init.py (they contain no network calls or credential exfiltration logic) and test in a sandbox workspace first.

Like a lobster shell, security has layers — review code before you run it.

latestvk979k6n99vtp5487hj0c679xd181dy2c

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments