matzoh

Matz Swarm

by Matzoh · GitHub ↗ · v1.1.1
cross-platform ⚠ suspicious
Downloads: 473
Stars: 0
Active Installs: 1
Versions: 19
Install in OpenClaw
/install matz-swarm
Description
Orchestrate OpenClaw Agent Swarm workflows for multi-project coding automation with Obsidian task intake, Claude coding, Codex review, GitLab MR flow, merge+...
Usage Guidance
What you should consider before installing:
- Read the scripts top-to-bottom. This skill will create worktrees, run tmux sessions, change files (tasks.json, registry.json, Obsidian notes/context.md), push branches, create/merge MRs, and delete worktrees/logs. Back up repositories and notes before running.
- Credentials: the scripts expect authenticated CLIs (claude/codex OAuth config, glab/gh auth, and openclaw or webhook config). The skill metadata does not declare these env vars — you must ensure tokens are scoped and stored safely (use least privilege tokens for the Git provider and notification system).
- Dangerous CLI flags: the code deliberately uses flags like --dangerously-skip-permissions and --dangerously-bypass-approvals-and-sandbox to bypass approval/trust dialogs for automation. If you plan to use this, remove or audit those flags so automated agents cannot bypass safety sandboxes.
- Automatic merges: the SKILL.md maps simple user intents (e.g., user replies "merge") to immediate merge-and-sync actions without confirmation. If you need human review, modify the Intent→Action mapping or disable autonomous invocation/require explicit confirmations for merges.
- Testing: run the system in an isolated test account/repo first. Configure cron disabled until you have verified behavior. Limit notification targets (e.g., set notifyMethod to none) until you trust behavior.
- Minimal changes: if you want the orchestration but safer defaults, consider edits: remove 'dangerous' CLI flags, require manual approval before merging, add explicit declared required env vars in the skill metadata, and tighten the notification delivery paths.

If you want, I can produce a concise list of edits to the scripts to harden default behavior (disable dangerous flags, add confirmation prompts for merging, and declare expected env vars).
Capability Analysis
Type: OpenClaw Skill
Name: matz-swarm
Version: 1.1.1

The bundle describes a complex 'Agent Swarm' orchestrator that automates coding tasks using LLMs and Git. While the intent appears to be a legitimate productivity tool, it implements extremely high-risk security patterns, including explicitly disabling AI safety sandboxes and permission prompts (e.g., '--dangerously-skip-permissions' for Claude and '--dangerously-bypass-approvals-and-sandbox' for Codex in config.sh). It also performs automated 'npm install' on AI-generated code and uses cron jobs to execute shell scripts based on the contents of local Markdown files (scan-obsidian.sh), creating a significant attack surface for RCE via prompt injection or local file manipulation. No clear evidence of intentional malice or data exfiltration was found, but the design is inherently insecure.
Capability Assessment
Purpose & Capability
The name/description (agent swarm for multi-project automation) aligns with the shipped scripts: spawning worktrees, running coding/review agents, creating MRs, syncing main, and writing back to Obsidian/task files. Expected tools (claude, codex, glab/gh, tmux, jq, python3) are referenced in the docs and scripts. Minor coherence issue: registry metadata lists no required env vars/credentials even though the runtime depends on authenticated CLIs (claude, codex, glab/gh, openclaw) and local config files (~/.claude.json, glab auth).
Instruction Scope
SKILL.md + scripts instruct the agent to take immediate actions for mapped user intents (e.g., when user replies "merge" to a PR_READY notification, run merge-and-sync.sh without confirmation). The scripts modify local repos, worktrees, registry.json, tasks.json, and Obsidian notes. They also call coding/review CLIs with explicit flags that bypass safety/permission dialogs (e.g., claude --dangerously-skip-permissions, codex exec --dangerously-bypass-approvals-and-sandbox). Those 'dangerously' CLI options plus instruction-to-act-immediately broaden the blast radius; the instructions also spawn autonomous tmux sessions to run agents and perform git push/merge operations.
Install Mechanism
No external download/install spec is provided — the skill is instruction-plus-scripts and the README shows a portable install (copy scripts to ~/agent-swarm). That is low risk from supply-chain perspective since nothing is being downloaded during install by the skill itself. The included scripts will be written to the filesystem when the user follows the portable install steps.
Credentials
Registry metadata declares no required env vars or primary credential, but the runtime needs authenticated CLIs and local config: ~/.claude.json and ~/.claude/settings.json (OAuth/trust), glab/gh authentication for repo/MR actions, and openclaw or webhook configuration for notifications. The skill also supports SWARM_* env overrides. The absence of declared required credentials is a coherence issue — the skill will need privileged tokens (git provider, Claude/Codex auth, openclaw webhook or account) to function and could act using those credentials.
Persistence & Privilege
always:false, but the skill instructs the agent to perform automated merges and other repo-modifying actions immediately on certain intents without interactive confirmation; together with default autonomous-invocation behavior this materially increases risk. The scripts perform persistent changes to user files and repos (tasks.json, registry.json, Obsidian notes, worktrees), can remove worktrees, and will push and merge code — these are high-privilege filesystem and VCS operations within the scope of the described purpose and should be gated by confirmations or limited scopes.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install matz-swarm
  3. After installation, invoke the skill by name or use /matz-swarm
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.1.1
Improve skill description; clarify the merge/PR_READY trigger scenarios so the AI can match them without context
v1.1.0
merge-and-sync now calls check-agents to handle notifications; notification config moved to registry.json; added Intent→Action Mapping
v1.0.16
fix: thorough MR title sanitization - strip newlines, special chars, compress whitespace, fallback to Task ID
v1.0.15
fix: MR title truncated to first line (multi-line Obsidian desc broke glab mr create)
v1.0.14
docs: fix cron examples and context.md update rule in SKILL.md
v1.0.13
force republish: sync SKILL.md with updated cron intervals and context.md location
v1.0.12
sync description from SKILL.md frontmatter
v1.0.11
docs: sync SKILL.md and README.md with latest changes (cron intervals, context.md location, dispatcher rule)
v1.0.10
recommend faster cron intervals (3min check, 5min scan), no token cost
v1.0.9
fix: multi-line Obsidian task description, auto-reset on no-output
v1.0.8
fix: context.md in project repo, widen auto-update trigger, PATH var expansion
v1.0.7
fix: widen context.md auto-update trigger to include new features and gameplay changes
v1.0.6
fix: expand $HOME and ~ in config.extraPath, fixes claude not found in cron
v1.0.5
fix: configurable PATH via config.extraPath, fixes claude command not found in cron
v1.0.4
fix: stabilize MR creation with target-branch and debug logging
v1.0.3
docs: add dispatcher-not-analyst guardrail
v1.0.2
fix: ensure worktree cd before MR creation
v1.0.1
v1.0.1: fix notification templates, remove duplicate MR creation, add config.sh provider abstraction
v1.0.0
v1.0.0: Provider-agnostic coding agent swarm - supports gitlab/github, claude/codex/aider, openclaw/webhook
Metadata
Slug matz-swarm
Version 1.1.1
License
All-time Installs 1
Active Installs 1
Total Versions 19
Frequently Asked Questions

What is Matz Swarm?

Orchestrate OpenClaw Agent Swarm workflows for multi-project coding automation with Obsidian task intake, Claude coding, Codex review, GitLab MR flow, merge+... It is an AI Agent Skill for Claude Code / OpenClaw, with 473 downloads so far.

How do I install Matz Swarm?

Run "/install matz-swarm" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Matz Swarm free?

Yes, Matz Swarm is completely free (open-source). You can download, install and use it at no cost.

Which platforms does Matz Swarm support?

Matz Swarm is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Matz Swarm?

It is built and maintained by Matzoh (@matzoh); the current version is v1.1.1.
