AI 朝廷 · 多 Agent 协作系统
ReviewAudited by ClawScan on May 10, 2026.
Overview
This is a coherent OpenClaw multi-agent configuration, but it deserves review because it can run persistent agents, share tasks across bots/channels, store activity logs, and disables sandboxing for some high-impact roles.
Install only if you are comfortable running a persistent multi-agent OpenClaw setup. Before use, review the copied config, turn on sandboxing or restrict tools for operational agents, protect Feishu and LLM credentials, use private channels for sensitive work, and define how daily logs should be stored and deleted.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If enabled with powerful tools, an agent could affect local systems or deployment environments with limited containment.
A DevOps/infrastructure agent is configured with sandboxing disabled. For a tool-enabled OpenClaw deployment, this gives a high-impact role less containment, while the artifacts do not show clear approval, rollback, or scope limits for operational actions.
"theme": "你是工部尚书,专精 DevOps、服务器运维、CI/CD、基础设施...任务完成后主动汇报执行结果和系统状态。发现服务异常时主动告警。" ... "sandbox": { "mode": "off" }Use sandboxed modes where possible, restrict tools and workspaces per agent, and require explicit user approval for shell commands, deployments, account changes, and infrastructure actions.
Sensitive project details or decisions could be persistently stored in agent workspaces and later reused or exposed.
The configuration instructs an agent to automatically record and archive daily and monthly summaries of user decisions, tasks, discussions, and outputs. The artifacts do not define retention limits, exclusions for secrets, or user controls.
每日自动生成【起居注】,记录当天所有重要事件:皇帝下达的任务和决策、各部门完成的工作和产出...每日结束时生成摘要,归档到工作区...月末汇总当月起居注
Enable archival only if needed, define retention and deletion rules, avoid sending secrets into the system, and keep the archive workspace access-controlled.
Information in a prompt may be visible to multiple bots and channel participants rather than staying in a single private conversation.
The intended workflow forwards original user tasks to other agents and posts work items in a channel. This is central to the multi-agent design, but users should understand the data-sharing boundary.
先用 sessions_spawn 或 sessions_send 将原始任务发给内阁...用 message 工具在当前 Discord 频道发消息...一切工作流转必须在频道内公开可见
Use private channels for sensitive work, limit which agents can receive tasks, and avoid including secrets or confidential data in prompts.
If the local config file is exposed, someone could misuse the configured bot accounts or workspace access.
The skill asks the user to place Feishu bot credentials into the OpenClaw configuration. This is expected for a Feishu bot deployment and is disclosed, but those credentials grant account/bot access.
编辑 `~/.openclaw/openclaw.json`,填入你的飞书应用凭证: ... "appId": "cli_xxx", "appSecret": "xxx"
Use least-privilege Feishu apps, protect `~/.openclaw/openclaw.json`, avoid committing it to git, and rotate secrets if they are exposed.
Bots may remain online and continue responding to messages or scheduled triggers until the gateway/configuration is changed.
The skill is designed to run a persistent gateway-backed team of agents. This is disclosed and purpose-aligned, but users should recognize that activity may continue after setup.
一台服务器 + OpenClaw = 一支 7×24 在线的 AI 协作团队 ... openclaw gateway restart
Run it only in intended workspaces, monitor gateway activity, disable unused bots, and stop the gateway when persistent operation is not desired.