Meta Control - Agent Orchestration
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Sub-agents could keep working in the background or monitoring over time without the user seeing each action or knowing how to stop them.
The skill instructs the agent to spawn independent background sub-agents and includes a monitoring agent that can run continuously, without defining stop conditions, teardown, or user approval requirements.
用 sessions_spawn 开启子 Agent: - 独立会话,后台运行 ... | 监控 Agent | 持续监控、告警 |
Require explicit user approval before spawning sub-agents, set time limits and stop conditions, and provide a clear way to list and terminate background sessions.
A delegated sub-agent might run commands, automate actions, or crawl sites more broadly than the user intended.
The skill authorizes sub-agents to crawl websites and run scripts/automation, which are high-impact tool uses, but the artifacts do not define limits, safe defaults, or confirmation rules.
| 搜索 Agent | 查资料、爬网站 | | 执行 Agent | 跑脚本、自动化 |
Add clear scoping rules: require user confirmation for script execution, automation, crawling, account changes, file changes, and any irreversible or public-facing action.
Task details or user-provided information may be passed to sub-agents without clear boundaries.
The skill establishes a multi-agent communication flow where sub-agents report through the main agent, but it does not describe what data may be shared, how sub-agent identity is verified, or how sensitive task context is limited.
- 子 Agent → 我 → 你 - 我不打扰你,只在必要时汇总
Define what information can be shared with sub-agents, require user approval before sharing sensitive data, and label which sub-agent produced each result.