Is dabruhce/multi-agent-orchestration safe?

https://github.com/openclaw/skills/tree/main/skills/dabruhce/multi-agent-orchestration

87
SAFE

This is a legitimate and well-documented multi-agent orchestration skill that provides task delegation and workflow management capabilities. While complex, no malicious behavior was detected during installation or in the code structure.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 80/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 75/100 · 5%

Findings (4)

INFO Complex Multi-Agent Orchestration System -15

This skill implements a sophisticated multi-agent system with 13 specialized agents, complex workflow orchestration, and learning capabilities. While legitimate, complex systems have larger attack surfaces.

LOW Contains Executable JavaScript Code -10

The skill includes Node.js scripts for multi-agent orchestration. This is expected for the skill's functionality but represents executable code.

LOW File System Access During Installation -10

Monitoring detected file system access during installation, but this appears to be from normal system processes during git clone operations.

LOW External Dependency Usage -10

The skill depends on the js-yaml package, introducing external code into the system.