Team Tasks.Skip
WarnAudited by ClawScan on May 10, 2026.
Overview
This skill is mostly a local task tracker, but it can send project details to hard-coded Telegram agent sessions, so users should review and configure it carefully before use.
Before installing, confirm that the hard-coded Telegram session keys are your own intended agents or replace them. Use a bounded workspace, avoid sending secrets or private code until you trust the destinations, review the bundled Python script, and approve dispatches manually for sensitive projects.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Project details, file paths, and prior agent outputs could be sent to specific external agent/chat sessions if the user runs the dispatch workflow as written.
The skill directs the agent to send task and project context to fixed Telegram group-backed sessions. Those destinations are disclosed, but they are hard-coded and not clearly tied to the installing user's own agents or approval flow.
Dispatch agent: sessions_send(sessionKey="agent:<agent>:telegram:group:<id>", message=<task>); Session keys include `agent:code-agent:telegram:group:-5189558203`; dispatch messages include `Project context`, `Working directory`, and `Previous stage output`.
Verify that every session key belongs to your intended agents before use, replace hard-coded IDs with user-controlled configuration, and require explicit approval before sending sensitive project context.
A dispatched worker agent may modify files or run commands in its workspace while completing assigned tasks.
The documentation describes delegated worker agents that may directly read, write, edit, and execute as part of development work. This is purpose-aligned for a development pipeline, but it is high-impact authority that users should supervise.
`sessions_send` labels connect AGI to agents; Code Agent responsibility: `代码开发 — 直接使用 read/write/edit/exec 开发`.
Use a bounded workspace, review diffs and command results, and require human approval before allowing dispatched agents to make irreversible changes.
Sensitive task details may remain on disk, and incorrect or malicious agent output could be propagated into later tasks.
The skill persists task logs/results and reuses prior agent outputs as context for later agents. This is expected for orchestration, but stored or untrusted outputs can influence later work.
Data stored as JSON in `/home/ubuntu/clawd/data/team-tasks/` (override with `TEAM_TASKS_DIR` env var); `ready --json` includes `depOutputs` — previous stage results to pass to agents.
Store task files in a project-scoped directory, clean them when no longer needed, and review agent outputs before passing them to other agents.
Users have less registry-level provenance information for the bundled helper script they are expected to run.
The skill includes a runnable Python helper but has limited registry provenance metadata. No remote install script or suspicious static finding is shown, so this is a provenance note rather than a direct malicious indicator.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill; Code file presence: scripts/task_manager.py (39963 bytes).
Review the bundled script and install only from a source you trust; prefer a version with clear repository and release provenance.