wgan

Squad Control

by Wilson Gan · GitHub ↗ · v1.4.0 · MIT-0
cross-platform ⚠ suspicious
Downloads: 619
Stars: 0
Active Installs: 0
Versions: 13
Install in OpenClaw
/install squad-control
Description
Integrate with Squad Control kanban for AI agent task orchestration. ⚠️ Security note: This skill handles GitHub tokens and API keys by design — it clones pr...
Usage Guidance
What to check before installing:
- Confirm the registry metadata is updated: SKILL.md requires SC_API_URL and SC_API_KEY but the registry lists none — ask the publisher to fix this.
- Prefer a workspace-scoped SC_API_KEY instead of an account-scoped key unless you intentionally need multi-workspace polling. Account-scoped keys can expose per-workspace githubToken fields (write access to repos).
- Review the included scripts yourself (poll-tasks.sh, poll-parser.py, tests). They perform network calls and git operations — inspect and run tests in an isolated environment first.
- The setup instructs storing SC_API_KEY in ~/.openclaw/openclaw.json and creating cron jobs; understand that this persists a sensitive secret on disk. Consider protecting that file, using least-privilege keys, and rotating tokens regularly.
- The SKILL.md references a wake-listener script (scripts/wake-listener.sh) that is not in the bundle — ask the publisher for the missing file or an updated SKILL.md to avoid runtime surprises.
- If you will allow the skill to spawn local sub-agents or call the local gateway, audit and restrict SC_WAKE_LOCAL_GATEWAY_TOKEN / gateway.token usage and ensure your OpenClaw runtime is secured.
- If you do not fully trust the Squad Control instance, do not provide account-scoped keys or allow the skill to persist credentials. When in doubt, keep keys workspace-scoped and grant minimal GitHub PAT scopes.
Capability Analysis
Type: OpenClaw Skill
Name: squad-control
Version: 1.4.0
The squad-control skill is a high-privilege orchestration tool designed to automate agent workflows, including cloning private repositories, spawning sub-agents, and performing automated git merges. While its behavior is aligned with the stated purpose of integrating with squadcontrol.ai, it possesses significant high-risk capabilities: it fetches task descriptions and agent personas ('soulMd') from a remote API to dynamically generate prompts for sub-agents, and it includes logic for automated PR merging and 'stuck task' recovery. These features, primarily defined in SKILL.md and executed via scripts/poll-tasks.sh and scripts/poll-parser.py, create a large attack surface for remote prompt injection and unauthorized code modification if the remote API is compromised.
Capability Assessment
Purpose & Capability
The SKILL.md clearly requires SC_API_URL and SC_API_KEY and explains GitHub token usage (cloning private repos, creating PRs). However the registry metadata lists no required environment variables or primary credential — that mismatch is an incoherence. The declared capabilities (repo cloning, PR creation, spawning sub-agents) do align with the skill name and description, so the functionality itself is plausible, but the missing/incorrect metadata is concerning.
Instruction Scope
Runtime instructions explicitly read/persist secrets (SC_API_KEY in ~/.openclaw/openclaw.json), call Squad Control APIs, use per-workspace githubToken values returned by the API, clone/push repos, and call local OpenClaw endpoints to spawn sessions. These actions are in-scope for a kanban/orchestration integration. Two issues to note: (1) SKILL.md references a wake-listener script (scripts/wake-listener.sh) that is not present in the file manifest — an inconsistency; (2) instructions encourage storing SC_API_KEY in persistent config and wiring cron jobs, which increases the attack surface if the key is account-scoped.
Install Mechanism
There is no network install/download spec; scripts and documentation are bundled with the skill (python/bash tests and parser). Instruction-only with bundled scripts is lower-risk than fetching arbitrary remote archives. No suspicious remote install URLs were used.
Credentials
The skill legitimately needs SC_API_URL and SC_API_KEY and may use a GITHUB_TOKEN for private repos. But an account-scoped SC_API_KEY can expose multiple workspaces' repo URLs and embedded githubToken values — granting broad repo-level write access. The SKILL.md also encourages persisting SC_API_KEY in ~/.openclaw/openclaw.json and optionally pointing to local gateway tokens, increasing persistence of secrets. The registry metadata's omission of required env vars amplifies the risk because an operator might not realize sensitive keys are needed.
Persistence & Privilege
always:false and normal agent invocation are appropriate. The real persistence concern is operational: the setup instructions require adding SC_API_KEY to OpenClaw config and scheduling cron jobs that run the skill periodically and can spawn sub-agents. This is expected for an orchestrator but increases blast radius if the API key is account-scoped or the Squad Control instance is untrusted.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install squad-control
  3. After installation, invoke the skill by name or use /squad-control
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.4.0
Add agentState continuity, blocked-task dedup, incremental thread fetch rules; new reference files: advanced-flows, api-reference, workspace-config
v1.3.0
Wake relay architecture: Cloudflare WebSocket relay for low-latency task dispatch (~500ms vs 15min cron), ACP sessions.spawn with 404 capability caching, hardened chat fallback prompt (execution-turn semantics), GITHUB_TOKEN properly exported in agent env. Polling: default interval 5m (was 15m), lock TTL tuned to 4m, wake listener now opt-in via ENABLE_WAKE_LISTENER=1 on managed installs.
v1.2.1
Hardened polling: POLL_RESULT structured envelope, lock/lease overlap protection, retry/backoff/timeouts, extracted parser with tests, SC_REVIEWER_AGENT_ID and SC_DEFAULT_BRANCH config knobs, migration notes and JSON schema
v1.1.6
Fix: dispatch thread message posts as squad lead (SQUAD_LEAD_ID), not assigned agent
v1.1.5
v1.1.5: Fix task.agent nested field docs — clarify task.agent.name/model/soulMd/_id, warn against non-existent task.agentName flat field
v1.1.3
v1.1.3: Strengthen review enforcement — spawn prompt now explicitly blocks /complete when PR exists; stuck task recovery now catches done tasks with unmerged PRs and auto-creates Hawk review tasks
v1.1.2
Add security transparency note to description: skill handles GitHub tokens and API keys by design. No functional changes.
v1.1.1
Security fix: remove VPS-internal scripts (deploy.sh, check-build-status.sh, workspace-utils.sh, workspaces.json) that were incorrectly bundled in 1.1.0. These files contained hardcoded paths and credential references not suitable for public distribution.
v1.1.0
Multi-workspace support: account-level API keys, workspace object embedded per task
v1.0.3
• Removed residual local deploy-key example from SKILL.md (CONVEX_DEPLOY_KEY usage); deploys are now CI/manual-controlled only.
• Confirmed skill bundle no longer includes hardcoded credential files or host credential-file reads.
• Standardized required env metadata to SC_API_URL + SC_API_KEY (optional GITHUB_TOKEN) and aligned docs/instructions.
• Removed legacy MC_*/undeclared-token patterns from skill instructions.
• Net result: reduced credential-exfiltration risk and improved ClawHub/OpenClaw assessment compatibility.
v1.0.2
Fix: remove SC_API_KEY from cron message text (security); add security note to setup guide about using env vars instead of embedding secrets in cron messages
v1.0.1
- Declared SC_API_URL, SC_API_KEY, and GITHUB_TOKEN as required/optional env vars in skill metadata.
- Fixed security issue: replaced token-in-URL pattern (https://<token>@github.com/...) with git -c credential.helper for all clone operations — prevents token leaking via process lists, git remotes, or logs.
- Updated guidance to explicitly warn against URL token embedding.
v1.0.0
Squad Control 1.0.0 — Initial release
Connect your OpenClaw agent to Squad Control (https://squadcontrol.ai/) for fully automated AI task orchestration.
• Poll for pending tasks and dispatch sub-agents automatically
• Pick up, work, submit for review, and complete tasks through the full kanban lifecycle
• Auto-rescue stuck tasks and route code reviews via agent role detection
• Create PRs on GitHub and report results back to Squad Control
• Enforce per-workspace concurrency limits to control parallel execution
• Includes setup guide, API reference, PR template, and review checklist
Metadata
Slug squad-control
Version 1.4.0
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 13
Frequently Asked Questions

What is Squad Control?

Integrate with Squad Control kanban for AI agent task orchestration. ⚠️ Security note: This skill handles GitHub tokens and API keys by design — it clones pr... It is an AI Agent Skill for Claude Code / OpenClaw, with 619 downloads so far.

How do I install Squad Control?

Run "/install squad-control" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Squad Control free?

Yes, Squad Control is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Squad Control support?

Squad Control is cross-platform and runs anywhere OpenClaw / Claude Code is available.

Who created Squad Control?

It is built and maintained by Wilson Gan (@wgan); the current version is v1.4.0.
