by 安全扫描
OpenClaw
可疑
medium confidenceThe skill's instructions are coherent with coordinating multiple agents, but it omits and assumes access to host binaries and specific user filesystem paths (and executing arbitrary 'codex exec' commands), which is inconsistent and needs user verification before use.
评估建议
This skill appears to be a workflow pattern for running multiple agent roles, but it assumes host-side capabilities that it does not declare. Before installing or running it: (1) verify you have and trust the 'codex' CLI and git on your machine; (2) edit the SKILL.md/scripts to point at safe workspace paths (avoid hardcoded /Users/liuchang paths) or run in an isolated sandbox/VM; (3) inspect any 'codex exec' invocations because they execute arbitrary instructions and could run code that reads/wr...详细分析 ▾
⚠ 用途与能力
The skill's stated purpose (coordinate coder/tester/reviewer agents using isolated git worktrees) matches the instructions, but the SKILL.md assumes the presence of system tools (git, a 'codex' CLI) and uses absolute user paths. The registry metadata lists no required binaries or environment variables, which is inconsistent with the runtime steps that clearly need git and a 'codex' executable.
⚠ 指令范围
The instructions direct filesystem operations (git worktree creation under /Users/liuchang, cds into agent-specific directories) and invoke 'codex exec' with arbitrary task strings. They reference absolute paths in a specific user's home and relative paths that may access other worktrees (e.g., reviewing ../agent-coder/login.py). This grants the skill broad discretion to read/write and execute within the user's workspace and to run arbitrary commands via the 'codex' tool — actions beyond a pure orchestration description and not limited or sandboxed by the SKILL.md.
ℹ 安装机制
There is no install spec (instruction-only), which reduces installer risk. However, the runtime assumes external binaries (git, codex) are present and executable; the skill does not declare these requirements in the registry metadata. Because nothing is installed by the skill itself, disk-write risk from an installer is low, but runtime execution risk remains due to invoking host tools.
⚠ 凭证需求
The skill requires no declared environment variables or credentials, which is reasonable, but it hardcodes user-specific filesystem paths (/Users/liuchang/...) and implicitly requires access to the user's git repositories and working directories. The lack of declared binaries/env requirements while assuming access to system tools and a specific user's home is a proportionality mismatch and a usability/security concern.
✓ 持久化与权限
The skill is not always-enabled and does not request elevated platform privileges. It does not include installation steps that would persistently modify other skills or system-wide settings. Autonomous invocation is allowed (platform default) but not combined with other high-risk indicators here.
安全有层次,运行前请审查代码。
运行时依赖
无特殊依赖
版本
latestv1.0.02026/3/17
- Initial release of agent-team-pipeline skill. - Enables coordination of multiple AI agents (coder, tester, reviewer) in parallel for code development workflows. - Uses isolated git worktrees for each agent to avoid conflicts. - Includes task distribution pattern and example setup/scripts. - Designed for multi-phase features, not simple or open-ended tasks.
● 无害
安装命令 点击复制
官方npx clawhub@latest install agent-team-pipeline
镜像加速npx clawhub@latest install agent-team-pipeline --registry https://cn.clawhub-mirror.com
技能文档
Overview
Coordinate OpenClaw as the brain dispatching multiple Codex instances in parallel: one for coding, one for testing, one for code review. Each agent works in an isolated git worktree to avoid conflicts.
When to Use
- Need to implement a feature with separate code/test/review phases
- Want parallel execution of independent tasks
- Building a mini development team workflow
Not for:
- Single simple tasks (use single agent)
- Exploratory discussions requiring multi-round dialogue
Core Pattern
User → OpenClaw (brain) → Codex Coder → Codex Tester → Codex Reviewer
→ Codex Tester (parallel)
→ Codex Reviewer (parallel)
Setup
1. Create Isolated Worktrees
cd /Users/liuchang/.openclaw/workspace
git worktree add -b coder /Users/liuchang/agent-coder HEAD
git worktree add -b tester /Users/liuchang/agent-tester HEAD
git worktree add -b reviewer /Users/liuchang/agent-reviewer HEAD
2. Task Distribution Script
#!/bin/bash
CODER_DIR="/Users/liuchang/agent-coder"
TESTER_DIR="/Users/liuchang/agent-tester"
REVIEWER_DIR="/Users/liuchang/agent-reviewer"case "$1" in
coder)
cd "$CODER_DIR" && codex exec "$2"
;;
tester)
cd "$TESTER_DIR" && codex exec "$2"
;;
reviewer)
cd "$REVIEWER_DIR" && codex exec "$2"
;;
esac
3. Workflow
- Coder receives task, writes code to
agent-coder/ - Tester receives code, writes tests to
agent-tester/ - Reviewer reviews code, provides feedback
- Loop: Coder addresses feedback → Reviewer confirms
Quick Reference
| Role | Worktree | Command |
|---|---|---|
| Coder | agent-coder | codex exec "implement X" |
| Tester | agent-tester | codex exec "test X" |
| Reviewer | agent-reviewer | codex exec "review X" |
Example
# Coder: Implement feature
codex exec "创建登录功能,使用 JWT"# Tester: Write tests
codex exec "为 ../agent-coder/login.py 写测试"
# Reviewer: Review code
codex exec "审查 ../agent-coder/login.py"
Common Mistakes
- No worktree isolation → Use git worktree to prevent file conflicts
- Sequential when parallel → Coder+Tester+Reviewer can run in parallel
- Skipping review loop → Always verify fixes with reviewer before accepting
Real-World Impact
Successfully implemented hello.py example:
- Coder created initial code
- Tester wrote pytest file
- Reviewer suggested main() +
__main__protection - Coder applied fixes
- Reviewer confirmed compliance
数据来源:ClawHub ↗ · 中文优化:龙虾技能库
OpenClaw 技能定制 / 插件定制 / 私有工作流定制
免费技能或插件可能存在安全风险,如需更匹配、更安全的方案,建议联系付费定制