ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Cursor Council

v1.0.0

Multi-Cursor orchestration for parallel task execution and AI council deliberation. Use when needing to run multiple Cursor agents in parallel, coordinate complex multi-step coding tasks, get diverse perspectives from different AI models (Opus/Sonnet/GPT) on technical decisions, or synthesize multi-agent discussions into actionable recommendations.

0· 1.3k·3 current·3 all-time
by@xiaoyaner0201
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
Name/description (multi-agent orchestration, deliberation) align with the declared requirements: it needs tmux and an 'agent' CLI and depends on a 'cursor-agent' skill. The install entries only provide tmux via brew/apt which is proportionate.
!
Instruction Scope
SKILL.md instructs the agent to create tmux sessions, write temp prompt files, run the 'agent' CLI with --force, capture pane outputs, and synthesize results. That is within the stated purpose, but the skill includes many persona templates that instruct the models to 'be' named real individuals (Joe Armstrong, TJ Holowaychuk, Ryan Dahl, etc.) and contains detected prompt-injection patterns (unicode control characters). The presence of invisible control characters in the runtime instructions is a red flag because it can manipulate LLM parsing/behavior. Also the prompts encourage impersonation of real people, which may produce misleading or legally/ethically risky outputs.
Install Mechanism
Only installs are standard package-manager entries for tmux (brew/apt). No downloads from URLs or archive extraction. Low install risk.
Credentials
The skill requests no environment variables or credentials. It expects the 'agent' CLI to be logged in and a separate 'cursor-agent' skill to be configured, which is consistent with its function. It does not request unrelated credentials or config paths.
Persistence & Privilege
always is false (not force-enabled), and the skill doesn't attempt to change other skills or system-wide configs. Runtime behavior writes temporary files under /tmp and creates tmux sessions — typical for this use-case and scoped to the invoking user session.
Scan Findings in Context
[unicode-control-chars] unexpected: The scanner detected unicode control characters / prompt-injection patterns embedded in SKILL.md. This is not necessary for orchestrating tmux/agent sessions and is suspicious because such characters can alter LLM input parsing or hide malicious directives.
What to consider before installing
This skill is coherent with its stated purpose (using tmux to run multiple Cursor agents), but exercise caution before installing or running it. Specific recommendations: - Do not run it against sensitive repositories or systems until you audit the SKILL.md and reference files yourself. The skill writes prompt files and runs agent CLI commands that will send text to external models; avoid exposing secrets. - Inspect the SKILL.md and the reference files in a text editor that can show invisible characters; remove any unexpected unicode control characters before use. - The prompt templates ask models to impersonate named real people. That may yield fabricated or misleading statements and could be legally/ethically problematic; consider replacing impersonation prompts with neutral role descriptions instead. - Avoid using --force or running tasks directly on main branches; follow the skill's own advice to use dedicated branches and test on a disposable repo or workspace first. - Ensure your 'agent' CLI is logged in to an account you control, and verify which models/transport it will use (and that you have appropriate API keys configured and scoped). The skill assumes external model access but does not manage credentials itself. - If you don't trust the unknown source (no homepage, unknown owner), prefer re-implementing the essential orchestration steps yourself from the provided templates rather than installing blindly. If you want, I can (1) show how to sanitize the prompt templates to remove impersonation and control characters, or (2) generate a minimal safe wrapper script that only launches tmux sessions without writing persona files.

Like a lobster shell, security has layers — review code before you run it.

latestvk97a5aqnkdabg8c05a7pe22rax80q8yt

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎭 Clawdis
Binstmux, agent

Install

Install tmux (brew)
Bins: tmux
brew install tmux

Comments