Agent Dispatch
PendingStatic analysis audit pending.
Overview
No static analysis result has been recorded yet. Pattern checks will appear here once the artifact has been analyzed.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A changed or compromised upstream file could alter how your agent handles specialized tasks without you noticing first.
The skill imports agent prompt files at runtime from a third-party GitHub repository's main branch, with no commit pin, hash, signature, or substantive validation beyond basic frontmatter checks.
If the agent is not installed locally, download it on the fly. ... Base: `https://raw.githubusercontent.com/VoltAgent/awesome-claude-code-subagents/main/categories` ... `curl -sfL "URL" -o "${AGENTS_DIR:-$HOME/.claude/agents}/AGENT_NAME.md"`Require explicit user approval before downloading and using a new agent, pin downloads to a reviewed commit or signed release, and verify hashes before dispatch.
A fetched agent prompt could cause the subagent to follow unexpected instructions, omit important checks, or take actions outside the user's intent.
Downloaded or cached prompt text becomes authoritative instructions for a subagent. If that text is malicious, stale, or simply misaligned, it can redirect the subagent away from the user's actual goal.
Read the agent file. Extract everything after the YAML frontmatter ... Pass that full text as the prompt to the **Task** tool, prepending the specific work request.
Treat downloaded agent files as untrusted content, enforce fixed guardrails around subagent prompts, and show users the selected agent and source before use.
Unsafe or outdated subagent instructions may persist and affect future work even after the original task is finished.
Remote prompt content is stored as persistent context and reused across sessions. A poisoned or outdated downloaded agent can continue influencing later tasks until the user manually removes it.
The downloaded agent file stays cached in the agents directory for future sessions. ... Downloaded agents are cached permanently; delete manually to force re-download
Add cache expiry, visible cache management, hash tracking, and a simple cleanup command; consider re-validating or re-approving cached agents before reuse.
Your task details may be handed to an auxiliary agent using instructions from a remote file, which can reduce transparency about which agent guidance was used.
The skill's core workflow passes the user's work request plus fetched agent instructions into another agent, while the named provenance of the selected agent may be less visible in the invocation.
Use a general-purpose subagent with the full prompt inline — do not reference the agent by registered name.
Display the selected agent name, source URL, and cache path before dispatch, and make clear what task context will be passed to the subagent.