Meta Control - Agent Orchestration
PassAudited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill Name: meta Version: 1.0.0 The skill bundle describes a 'meta-调控' agent designed to orchestrate various sub-agents, including an '执行 Agent' (Execution Agent) capable of '跑脚本、自动化' (running scripts, automation). While the SKILL.md instructions themselves do not contain explicit malicious commands or prompt injections, the described capability of delegating script execution to a sub-agent introduces a significant remote code execution (RCE) risk. This powerful capability, if misused or combined with a compromised prompt, could lead to unauthorized command execution, making the skill bundle suspicious due to its inherent vulnerability potential.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Sub-agents could keep working in the background or monitoring over time without the user seeing each action or knowing how to stop them.
The skill instructs the agent to spawn independent background sub-agents and includes a monitoring agent that can run continuously, without defining stop conditions, teardown, or user approval requirements.
用 sessions_spawn 开启子 Agent: - 独立会话,后台运行 ... | 监控 Agent | 持续监控、告警 |
Require explicit user approval before spawning sub-agents, set time limits and stop conditions, and provide a clear way to list and terminate background sessions.
A delegated sub-agent might run commands, automate actions, or crawl sites more broadly than the user intended.
The skill authorizes sub-agents to crawl websites and run scripts/automation, which are high-impact tool uses, but the artifacts do not define limits, safe defaults, or confirmation rules.
| 搜索 Agent | 查资料、爬网站 | | 执行 Agent | 跑脚本、自动化 |
Add clear scoping rules: require user confirmation for script execution, automation, crawling, account changes, file changes, and any irreversible or public-facing action.
Task details or user-provided information may be passed to sub-agents without clear boundaries.
The skill establishes a multi-agent communication flow where sub-agents report through the main agent, but it does not describe what data may be shared, how sub-agent identity is verified, or how sensitive task context is limited.
- 子 Agent → 我 → 你 - 我不打扰你,只在必要时汇总
Define what information can be shared with sub-agents, require user approval before sharing sensitive data, and label which sub-agent produced each result.