agentCreate

Advisory

Audited by static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A wrong target, wrong path, or failed edit could delete an agent workspace, remove channel account settings, or corrupt local OpenClaw configuration.

Why it was flagged

The complete-uninstall path force-deletes the agent/workspace and then directly edits the local OpenClaw configuration at a hard-coded user path to remove channel accounts. This is purpose-related, but it is a high-impact operation with limited containment in the shown snippet.

Skill content
bash "$SKILL_DIR/scripts/openclaw-mac.sh" agents delete {agentId} --force ... path = '/Users/honor/.qclaw/openclaw.json' ... del accounts[account_id]
Recommendation

Use explicit user confirmation immediately before deletion, resolve the config path dynamically, create a backup in the executable workflow, and prefer a scoped supported CLI/API for account removal if available.

What this means

Users may provide bot credentials that allow the created agent to receive or send messages through the configured channel.

Why it was flagged

Optional channel binding may collect and write provider credentials into OpenClaw configuration. This is expected for creating a Feishu bot account, and the artifacts do not show credential exfiltration.

Skill content
"appId": "{appId}",
"appSecret": "{appSecret}"
Recommendation

Use least-privileged channel credentials, avoid sharing secrets in chat history where possible, and remove or rotate credentials for agents that are no longer needed.

What this means

The actual CLI behavior depends on an external local wrapper that was not reviewed here.

Why it was flagged

The skill relies on another skill's wrapper script, but that helper is not included in this artifact set or pinned by an install specification.

Skill content
All CLI operations must be executed through the wrapper script of the qclaw-openclaw skill; calling the `openclaw` command directly is forbidden.
Recommendation

Verify that the referenced qclaw-openclaw wrapper is installed from a trusted source and matches the expected OpenClaw version before using this skill.

Note: High Confidence
ASI08: Cascading Failures
What this means

If cleanup is partial, messages intended for a deleted or unbound bot could be handled by the main agent instead.

Why it was flagged

The artifact itself notes that incomplete cleanup can route messages for a removed/unbound channel account to the main agent.

Skill content
If an account configuration remains but has no binding, messages fall back to `defaultAccount` → the main agent responds.
Recommendation

After uninstalling, verify both agent lists and channel bindings, and confirm that unused channel accounts were removed only when not shared by another agent.

Note: High Confidence
ASI10: Rogue Agents
What this means

Created agents may continue to exist, keep separate state, and respond through bound channels until explicitly removed.

Why it was flagged

The skill creates persistent independent agents with their own workspaces, sessions, and models. This is the declared purpose, but it is a form of ongoing agent persistence users should understand.

Skill content
Create or uninstall an independent OpenClaw Agent. Each Agent has its own workspace, its own sessions, and its own model, and is fully isolated from the main Agent.
Recommendation

Create only agents you intend to maintain, choose clear IDs, review bindings periodically, and uninstall unused agents with verified backups.