DevTeam Command
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill is not overtly malicious, but it can launch multiple autonomous coding agents that may change project files for long periods without clear scope, approval checkpoints, or safe coordination.
Use this only on a disposable branch or sandboxed workspace, monitor each spawned agent, review generated PLAN.md/TASKS.md/BUGS.md before code-changing stages, and avoid running it on sensitive proprietary projects unless the configured model providers and subagent permissions are acceptable.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A single invocation may allow the agent pipeline to make broad code changes in the workspace without step-by-step confirmation.
The skill launches an autonomous coder subagent to implement code from a generated task file, with no artifact-level restriction on files, branch, approval, or rollback.
await spawnAgent({ label: 'coder', task: 'Implement code theo TASKS.md', model: MODELS.coder, timeout: TIMEOUTS.coder })
Run only in a clean branch or sandbox, review PLAN.md and TASKS.md before implementation, and add explicit approval gates or path limits before coding/fixing steps.
The pipeline could proceed out of order or overlap agents, causing inconsistent plans, tests, or code edits from the wrong session.
The skill waits for completion by matching only the generic subagent label, even though spawnAgent returns a childSessionKey. This can mistake an older or unrelated subagent for the current one.
const agent = status.recent?.find((a: any) => a.label === label && a.status === 'done')
Track and verify the specific childSessionKey returned by sessions_spawn, and avoid reusing generic labels across concurrent or recent runs.
If PLAN.md, TASKS.md, or BUGS.md contains mistaken or injected instructions, later agents may follow them and alter the project accordingly.
Generated persistent files are used as instructions for later agents. This is expected for the pipeline, but those files become trusted context that can steer future code changes.
task: 'Đọc PLAN.md và tạo TASKS.md' ... task: 'Implement code theo TASKS.md' ... task: 'Fix bugs từ BUGS.md'
Review generated planning and bug files before allowing subsequent implementation or fixing steps, especially if the repository contains untrusted content.
