agile-workflow Security Report — Low Risk | ClawSafe

15 /100

agile-workflow

全自动敏捷协作工作流引擎 - Novel writing workflow automation with multi-agent orchestration

This is a legitimate automated workflow engine for novel writing and task orchestration with no malicious behavior detected. All shell operations are standard process management (pkill, pgrep, find), all file accesses are within declared workspace paths, and no credential harvesting or data exfiltration was found.

Skill Nameagile-workflow

Duration61.3s

Enginepi

✓

Safe to install

Approve for use. The skill's behavior is consistent with a workflow automation tool. Consider adding explicit shell execution documentation to SKILL.md and pinning ioredis to an exact version for supply chain hygiene.

Findings 4 items

Severity	Finding	Location
Low	Shell execution not declared in SKILL.md Doc Mismatch SKILL.md omits that the skill uses child_process exec/execSync for process management (pkill, pgrep, find). While all uses are legitimate process lifecycle operations, this is not documented. execSync(`pkill -f "openclaw.--agent.${agentType}" \|\| true`, { stdio: 'ignore' }) → Add a 'Shell Commands Used' section to SKILL.md listing pkill, pgrep, find and their purpose	`core/agent-process-pool.js:65`
Low	Agent spawning not declared in SKILL.md Doc Mismatch SKILL.md does not document that the skill spawns sub-agents via '/home/ubutu/.npm-global/bin/openclaw agent' command. The skill acts as a multi-agent orchestrator. `const child = spawn(cmd, args, { cwd, env, ... })` → Document the skill_invoke capability in SKILL.md if agents are spawned as subprocesses	`core/agent-process-pool.js:336`
Info	ioredis dependency uses caret range Supply Chain package.json declares ioredis as ^5.10.0 which allows minor/patch updates. While ioredis has no known vulnerabilities at this version, exact pinning is best practice. `"ioredis": "^5.10.0"` → Pin to exact version: "ioredis": "5.10.0"	`package.json:28`
Info	Hardcoded absolute workspace paths Sensitive Access Multiple files use hardcoded paths like /home/ubutu/.openclaw/workspace and /home/ubutu/.npm-global/bin/openclaw. These assume a specific user and installation environment. `workspace: '/home/ubutu/.openclaw/workspace'` → Use environment variables or relative paths for portability	`core/agile-workflow-engine.js:26`

Resource	Declared	Inferred	Status	Evidence
Filesystem	`NONE`	`WRITE`	✓ Aligned	core/agent-process-pool.js:351 - writes Agent output to project dirs
Shell	`NONE`	`WRITE`	✗ Violation	core/agent-process-pool.js:65-69 - uses execSync pkill; core/self-healing-monito…
Environment	`NONE`	`READ`	✓ Aligned	core/agent-process-pool.js:312 - spreads process.env into child env
Network	`NONE`	`NONE`	—	dashboard/backend/server.js only binds localhost:8080
Skill Invoke	`NONE`	`WRITE`	✗ Violation	core/agent-process-pool.js:336 - spawns openclaw agents via CLI

1 Critical 3 findings

💀

Critical Dangerous Command 危险 Shell 命令

rm -rf /

docs/DELIVERY-CHECKLIST.md:256

🔗

Medium External URL 外部 URL

https://opencollective.com/ioredis

package-lock.json:77

🔗

Medium External URL 外部 URL

https://clawhub.com/skills/agile-workflow

package.json:39

File Tree

140 files · 1.3 MB · 51586 lines

JavaScript 66f · 26974L Markdown 64f · 23522L HTML 1f · 669L JSON 7f · 329L Shell 2f · 92L

├─ ▾ 📁 backups

│ └─ ▾ 📁 20260315_215924

│ ├─ 📜 agile-workflow-engine-v5.js JavaScript 783L · 22.1 KB

│ ├─ 📜 agile-workflow-engine-v7.js JavaScript 446L · 12.2 KB

│ ├─ 📜 concurrent-executor-v2.js JavaScript 608L · 16.0 KB

│ ├─ 📜 health-check-v2.js JavaScript 1156L · 38.9 KB

│ ├─ 📜 stress-test.js JavaScript 311L · 10.6 KB

│ └─ 📜 test-framework.js JavaScript 778L · 20.2 KB

├─ ▾ 📁 core

│ ├─ 📜 agent-manager.js JavaScript 668L · 16.4 KB

│ ├─ 📜 agent-process-pool.js JavaScript 745L · 24.9 KB

│ ├─ 📜 agent-supervisor.js JavaScript 169L · 4.3 KB

│ ├─ 📜 agile-workflow-engine.js JavaScript 527L · 13.5 KB

│ ├─ 📜 auto-chunker.js JavaScript 168L · 4.3 KB

│ ├─ 📜 cache-backend.js JavaScript 489L · 11.6 KB

│ ├─ 📜 cache-manager.js JavaScript 535L · 11.6 KB

│ ├─ 📜 circuit-breaker.js JavaScript 718L · 18.9 KB

│ ├─ 📜 cli-enhanced.js JavaScript 739L · 18.4 KB

│ ├─ 📜 concurrent-executor.js JavaScript 572L · 14.9 KB

│ ├─ 📜 config-manager.js JavaScript 746L · 18.2 KB

│ ├─ 📜 context-router.js JavaScript 329L · 8.6 KB

│ ├─ 📜 creativity-scorer.js JavaScript 619L · 17.6 KB

│ ├─ 📜 data-verifier.js JavaScript 209L · 5.1 KB

│ ├─ 📜 dependency-graph-manager.js JavaScript 552L · 13.3 KB

│ ├─ 📜 dependency-manager.js JavaScript 201L · 4.8 KB

│ ├─ 📜 execution-verifier.js JavaScript 367L · 8.6 KB

│ ├─ 📜 failure-handler.js JavaScript 348L · 10.0 KB

│ ├─ 📜 generate-review-tasks.js JavaScript 119L · 4.1 KB

│ ├─ 📜 global-process-manager.js JavaScript 165L · 4.3 KB

│ ├─ 📜 health-check.js JavaScript 984L · 30.9 KB

│ ├─ 📜 health-monitor.js JavaScript 223L · 5.2 KB

│ ├─ 📜 integration-adapter.js JavaScript 254L · 7.5 KB

│ ├─ 📜 integration-test.js JavaScript 115L · 4.5 KB

│ ├─ 📜 llm-gateway.js JavaScript 409L · 9.7 KB

│ ├─ 📜 load-balancer.js JavaScript 667L · 16.1 KB

│ ├─ 📜 log-monitor.js JavaScript 430L · 12.8 KB

│ ├─ 📜 memory-manager.js JavaScript 448L · 10.8 KB

│ ├─ 📜 merge-strategy-manager.js JavaScript 595L · 16.9 KB

│ ├─ 📜 message-bus.js JavaScript 302L · 7.3 KB

│ ├─ 📜 model-switcher.js JavaScript 256L · 7.4 KB

│ ├─ 📜 monitoring-alert-system.js JavaScript 332L · 9.1 KB

│ ├─ 📋 package.json JSON 22L · 462 B

│ ├─ 📜 performance-tuner.js JavaScript 296L · 7.3 KB

│ ├─ 📜 project-manager.js JavaScript 148L · 3.7 KB

│ ├─ 📜 prompt-cache.js JavaScript 348L · 8.4 KB

│ ├─ 📜 quality-validator-rules.js JavaScript 670L · 16.9 KB

│ ├─ 📜 quality-validator.js JavaScript 718L · 17.7 KB

│ ├─ 📜 report-validator.js JavaScript 200L · 4.8 KB

│ ├─ 📜 self-healing-monitor.js JavaScript 988L · 29.1 KB

│ ├─ 📜 task-report-monitor.js JavaScript 198L · 6.0 KB

│ ├─ 📜 task-scheduler.js JavaScript 417L · 13.7 KB

│ ├─ 📜 task-state-tracker.js JavaScript 181L · 4.4 KB

│ ├─ 🔑 token-counter.js ⚠ JavaScript 141L · 3.5 KB

│ ├─ 📜 version-manager.js JavaScript 718L · 18.4 KB

│ ├─ 📜 violation-alarm.js JavaScript 228L · 5.3 KB

│ ├─ 📜 workflow-config.js JavaScript 34L · 981 B

│ └─ 📜 write-domain-isolator.js JavaScript 383L · 10.1 KB

├─ ▾ 📁 dashboard

│ ├─ ▾ 📁 backend

│ │ ├─ 📋 package.json JSON 25L · 507 B

│ │ └─ 📜 server.js JavaScript 467L · 10.4 KB

│ └─ ▾ 📁 frontend

│ └─ 📄 index.html HTML 669L · 16.7 KB

├─ ▾ 📁 docs

│ ├─ 📝 ADD-v7.0-并发安全架构.md Markdown 743L · 21.7 KB

│ ├─ 📝 ADD-v7.1-Agent 自动释放修复.md Markdown 360L · 8.6 KB

│ ├─ 📝 ADD-v7.10-章节细纲并行性分析.md Markdown 335L · 7.1 KB

│ ├─ 📝 ADD-v7.11-章节细纲串行化修改.md Markdown 324L · 7.4 KB

│ ├─ 📝 ADD-v7.12-系统缺陷审查与修复.md Markdown 461L · 10.7 KB

│ ├─ 📝 ADD-v7.13-通用任务系统缺陷修复.md Markdown 427L · 10.9 KB

│ ├─ 📝 ADD-v7.14-Cron 进程泄漏修复.md Markdown 358L · 7.7 KB

│ ├─ 📝 ADD-v7.15-彻底进程清理.md Markdown 372L · 8.8 KB

│ ├─ 📝 ADD-v7.16-源头修复进程泄漏.md Markdown 456L · 9.3 KB

│ ├─ 📝 ADD-v7.17-任务自动调度修复.md Markdown 452L · 10.0 KB

│ ├─ 🔑 ADD-v7.18-Token 超限修复.md ⚠ Markdown 414L · 9.3 KB

│ ├─ 📝 ADD-v7.19-模型限制数据修正.md Markdown 321L · 7.0 KB

│ ├─ 📝 ADD-v7.2-效率优先原则修复.md Markdown 359L · 8.9 KB

│ ├─ 📝 ADD-v7.20-数据真实性强制执行机制.md Markdown 513L · 11.1 KB

│ ├─ 📝 ADD-v7.21-任务依赖链修复.md Markdown 356L · 8.4 KB

│ ├─ 🔑 ADD-v7.22-Token 超限紧急修复.md ⚠ Markdown 299L · 6.4 KB

│ ├─ 📝 ADD-v7.23-异步质量审核机制.md Markdown 356L · 8.4 KB

│ ├─ 📝 ADD-v7.3-小说创作核心模块并发能力分析.md Markdown 391L · 10.6 KB

│ ├─ 📝 ADD-v7.4-全自动小说创作工作流 v4.0-阶段内并发优化.md Markdown 550L · 15.1 KB

│ ├─ 📝 ADD-v7.5-Agent 进程泄漏修复.md Markdown 261L · 6.2 KB

│ ├─ 📝 ADD-v7.6-汇报效率优化.md Markdown 376L · 7.1 KB

│ ├─ 📝 ADD-v7.7-分项任务进度汇报.md Markdown 431L · 9.5 KB

│ ├─ 📝 ADD-v7.8-Agent-Daemon 进程累积修复.md Markdown 325L · 7.4 KB

│ ├─ 📝 ADD-v7.9-10 分钟清理未生效修复.md Markdown 234L · 5.5 KB

│ ├─ 📝 DELIVERY-CHECKLIST.md Markdown 323L · 7.2 KB

│ ├─ 📝 v7.0-使用指南.md Markdown 571L · 15.2 KB

│ ├─ 📝 v7.0-总结报告.md Markdown 514L · 17.1 KB

│ └─ 📝 v7.1-修复报告.md Markdown 265L · 5.9 KB

├─ ▾ 📁 scripts

│ ├─ 📜 analyze-and-cleanup.js JavaScript 341L · 8.4 KB

│ ├─ 🔧 cleanup-old-versions.sh Shell 48L · 1.0 KB

│ ├─ 🔧 deploy-verify.sh Shell 44L · 1.1 KB

│ ├─ 📜 generate-outline-task.js JavaScript 180L · 5.7 KB

│ ├─ 📜 health-check.js JavaScript 394L · 13.5 KB

│ ├─ 📜 optimized-report.js JavaScript 135L · 4.2 KB

│ ├─ 📜 outline-pre-check.js JavaScript 185L · 6.3 KB

│ ├─ 📜 repair-task-states.js JavaScript 250L · 7.5 KB

│ ├─ 📜 submit-report.js JavaScript 210L · 6.1 KB

│ ├─ 📜 task-dependency-generator.js JavaScript 290L · 8.7 KB

│ ├─ 📜 task-status-report.js JavaScript 150L · 4.8 KB

│ ├─ 📜 task-status.js JavaScript 54L · 1.8 KB

│ ├─ 📜 timeline-manager.js JavaScript 223L · 6.5 KB

│ └─ 📜 workflow-monitor.js JavaScript 345L · 9.6 KB

├─ ▾ 📁 test-reports

│ ├─ 📋 test-report-2026-03-12T16-26-49-527Z.json JSON 57L · 2.5 KB

│ └─ 📋 test-report-2026-03-12T16-27-36-343Z.json JSON 54L · 1.2 KB

├─ 📋 _meta.json JSON 6L · 224 B

├─ 📝 ADD-Template.md Markdown 341L · 5.3 KB

├─ 📝 ADD-v5.0.md Markdown 348L · 10.4 KB

├─ 📝 ADD-v5.1.md Markdown 314L · 9.5 KB

├─ 📝 ADD-v5.2.md Markdown 466L · 12.3 KB

├─ 📝 ADD-v6.0-Phase1-Stage3.md Markdown 437L · 9.9 KB

├─ 📝 ADD-v6.0-Phase1-Stage4.md Markdown 530L · 15.6 KB

├─ 📝 ADD-v6.0-Phase1-Stage5.md Markdown 413L · 7.6 KB

├─ 📝 ADD-v6.0-Phase1.md Markdown 315L · 8.3 KB

├─ 📝 ADD-v6.0-Phase2.md Markdown 304L · 10.0 KB

├─ 📝 ADD-v6.0-Phase3.md Markdown 415L · 8.9 KB

├─ 📝 ADD-v6.0-Phase4.md Markdown 398L · 9.4 KB

├─ 📝 ADD-v6.0-Phase5.md Markdown 394L · 9.1 KB

├─ 📝 ADD-v6.0-完整迭代.md Markdown 377L · 9.0 KB

├─ 📝 ADD-v6.0.md Markdown 403L · 12.5 KB

├─ 📝 ADD-v6.1.md Markdown 383L · 7.2 KB

├─ 📋 package-lock.json JSON 126L · 4.4 KB

├─ 📋 package.json JSON 39L · 1.1 KB

├─ 📝 Phase1-完成总结报告.md Markdown 320L · 7.7 KB

├─ 📝 Phase1-进度报告.md Markdown 224L · 4.9 KB

├─ 📝 Phase1-阶段2-完成报告.md Markdown 346L · 6.7 KB

├─ 📝 Phase1-阶段3-完成报告.md Markdown 255L · 6.3 KB

├─ 📝 Phase1-阶段4-完成报告.md Markdown 257L · 6.5 KB

├─ 📝 Phase2-完成报告.md Markdown 298L · 6.6 KB

├─ 📝 Phase2-实施进度报告.md Markdown 170L · 4.1 KB

├─ 📝 Phase3-完成报告.md Markdown 359L · 7.1 KB

├─ 📝 Phase4-完成报告.md Markdown 302L · 6.7 KB

├─ 📝 Phase5-完成报告.md Markdown 302L · 6.5 KB

├─ 📝 README.md Markdown 316L · 6.3 KB

├─ 📝 SKILL.md Markdown 565L · 13.5 KB

├─ 📝 v6.0-整体总结报告.md Markdown 285L · 6.8 KB

├─ 📝 v6.1-最终完成报告.md Markdown 261L · 6.3 KB

├─ 📝 v6.1-完成报告.md Markdown 202L · 4.0 KB

├─ 📝 v6.1-整体完成报告.md Markdown 225L · 5.4 KB

├─ 📝 全面审查报告-v6.0.md Markdown 419L · 8.8 KB

├─ 📝 发布报告-v5.0.md Markdown 351L · 7.9 KB

├─ 📝 发布报告-v5.1.md Markdown 365L · 8.0 KB

├─ 📝 发布报告-v5.2.md Markdown 380L · 9.4 KB

└─ 📝 迭代报告-v4.0.md Markdown 335L · 8.2 KB

Dependencies 1 items

Package	Version	Source	Known Vulns	Notes
`ioredis`	`^5.10.0`	npm	No	Caret range allows minor updates; ioredis has no CVEs at this version

Security Positives

✓ No credential harvesting: Code does not iterate process.env for API keys or access ~/.ssh, ~/.aws, .env files

✓ No data exfiltration: No HTTP requests to external IPs, no data POSTs to remote servers

✓ No obfuscation: No base64-encoded payloads, no eval(atob()), no dynamic code generation

✓ No reverse shell: No network listeners for reverse connections

✓ No supply chain compromise: Only one dependency (ioredis) with no known vulnerabilities

✓ No malicious IOC: The 'rm -rf /' IOC in DELIVERY-CHECKLIST.md is in documentation text, not executable code

✓ Legitimate process management: All shell commands (pkill, pgrep, find) are standard ops for cleaning stale processes

✓ File writes are scoped to declared project directories within the workspace

Scan Report

Findings 4 items

File Tree

Dependencies 1 items

Security Positives