OpenClaw Coding Agent Workflows
v1.0.0
Delegate coding tasks to Codex, Claude Code, Pi, or OpenCode from bash with safe launch modes, background monitoring, and repo-isolated review workflows.
Security scan
OpenClaw
Suspicious
medium confidence
The skill's instructions broadly match its stated purpose, but it omits some required local tools and explicitly recommends bypassing permission controls and running agents in full-auto/PTY modes — behaviors that increase risk and raise coherence questions.
Assessment recommendations
This skill is coherent with its goal of orchestrating other coding agents, but there are actionable concerns you should consider before using it:
- Missing local dependencies: Examples call git, gh, mktemp, and bash behaviors not declared in the metadata. Ensure those CLIs exist and are the versions you expect.
- Permission bypass: The advice to run Claude Code with '--permission-mode bypassPermissions' effectively disables safety controls. Avoid that flag unless you fully trust the agent binar...
Detailed analysis
ℹ Purpose and capability
The name/description claim to delegate coding agents, and the skill only requires at least one agent binary (claude, codex, opencode, pi), which aligns with the purpose. However, the runtime instructions routinely call other local tools (git, gh, mktemp, bash) and rely on CLI semantics (process action:*, openclaw system event) that are not declared in the metadata. The omission of utilities like git/gh and reliance on unrestricted cloning/execution is an inconsistency (not necessarily malicious) that the user should be aware of.
⚠ Instruction scope
SKILL.md instructs the agent to run external coding agents in PTY/full-auto modes and to clone and execute inside repositories. It explicitly recommends Claude Code use '--permission-mode bypassPermissions' (which appears to circumvent permission constraints). The instructions permit launching long-running background sessions and submitting interactive responses — all of which can execute arbitrary code inside local checkouts. While these actions are within the claimed purpose, the permission-bypass recommendation and the lack of explicit safety checks or audit/verification steps are significant scope concerns.
✓ Install mechanism
This is an instruction-only skill with no install spec and no code files, so nothing is written to disk by installation. That is the lowest install risk.
ℹ Credential requirements
No environment variables or credentials are requested by the skill metadata, which is proportionate. That said, example workflows expect tools that may themselves require credentials (e.g., gh, codex/claude API keys) but the skill does not declare or explain how to supply or protect those. The explicit encouragement to use '--permission-mode bypassPermissions' for Claude Code is disproportionate for a skill that doesn't otherwise request elevated access — it suggests bypassing protections outside the skill's declared scope.
✓ Persistence and privileges
always:false and no install-time persistence are set. The skill can be invoked autonomously per platform defaults, which is expected. It does not request to modify other skills or agent-wide settings.
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest v1.0.0 2026/4/17
Initial release: OpenClaw coding-agent orchestration workflow with execution matrix, background session control, and repo-safe review patterns.
● Suspicious
Install command
Official: npx clawhub@latest install openclaw-coding-agent-workflows
Mirror (accelerated): npx clawhub@latest install openclaw-coding-agent-workflows --registry https://cn.longxiaskill.com (mirror sync in progress)