← 返回 Skills 市场
Parallel Agents
作者
jdalbright
· GitHub ↗
· v3.2.0
1578
总下载
0
收藏
8
当前安装
2
版本数
在 OpenClaw 中安装
/install parallel-agents
功能描述
Spawns real AI-powered OpenClaw sub-sessions to run multiple specialized agents concurrently for content, dev, QA, docs, and autonomous workflows.
安全使用建议
This skill implements a legitimate-sounding parallel-agent orchestrator — the code and docs align with that purpose. However, before installing or running it, consider the following: 1) Spawned agents are 'real' sub-sessions that the skill says will have 'all the same tools as the host' — if your host session has access to secrets, file I/O, or networked services, child agents may be able to read and transmit that data. 2) The docs and examples explicitly show reading local files (e.g., open('app.py').read()) and passing their contents to spawned agents — avoid doing that in sessions with sensitive data. 3) A prompt-injection pattern was detected in SKILL.md; review all system prompts and templates in ai_orchestrator.py and helpers.py to ensure they don't instruct child agents to exfiltrate, override safeguards, or run privileged actions. 4) Mitigations: run this skill only in agent sessions that do not hold credentials or sensitive files; sandbox the host so spawned agents cannot access secrets; remove or sanitize example code that reads local files; require admin approval before allowing sessions_spawn in environments with privileged access; audit and possibly restrict which tools child sessions can use. If the vendor can provide documentation guaranteeing spawned sessions do not inherit secret-bearing credentials or can be configured to run with minimal privileges, that would lower the risk and increase my confidence.
功能分析
Type: OpenClaw Skill
Name: parallel-agents
Version: 3.2.0
The skill is classified as suspicious due to its explicit use of OpenClaw's `sessions_spawn` tool, which grants spawned AI sub-sessions 'all the same tools as the host'. While this is the stated purpose of the skill, it represents a high-risk capability. Furthermore, the `ai_orchestrator.py` and `helpers.py` modules construct sub-agent prompts by directly embedding user-provided `task_description` and `input_data`, creating a potential prompt injection surface for sub-agents if a malicious user crafts these inputs. There is no clear evidence of intentional malicious behavior by the skill developer, but the inherent power and potential for misuse warrant a 'suspicious' classification.
能力评估
Purpose & Capability
The files (SKILL.md, README, helpers.py, ai_orchestrator.py, examples) and runtime instructions match the name 'Parallel Agents' — the code and docs implement an orchestrator that calls OpenClaw's sessions_spawn to create real sub-sessions. No unrelated environment variables, binaries, or installs are requested. The lack of a short description in metadata is a minor documentation gap but not an incoherence.
Instruction Scope
The SKILL.md and usage docs instruct the agent to call sessions_spawn with arbitrary 'task' strings and show examples that read local files (e.g., open('app.py').read()) and then send that content to spawned agents for review. The docs explicitly state spawned agents 'are able to use all the same tools as the host.' That means the skill's instructions can cause local files, code, or other runtime state to be transmitted to separate AI sessions (and thus to whatever model/service backs those sessions). The SKILL.md also contains prompt-like material and the repository triggered a 'system-prompt-override' scanner finding — the docs themselves include large system prompts and templates which could be abused or manipulated.
Install Mechanism
No install spec and no external downloads; this is instruction + code packaged with the skill. Because there is no network/install step defined here, nothing arbitrary is pulled during install. The attacker surface comes from runtime behavior, not install-time downloads.
Credentials
The skill requests no env vars, which is reasonable, but it explicitly encourages patterns that read local files and spawn child sessions that inherit host tools. If the host agent has access to credentials, network tools, or sensitive files, child sessions may be able to observe or use that data. The number of required env variables is zero, but the documented behavior effectively requests access to the host runtime and its files — this is a high-impact capability that must be proportional to the user's safety posture.
Persistence & Privilege
The skill does not request 'always: true' and does not persistently modify other skills. However, because spawned child sessions are described as having the same tool access as the host, autonomy (allowed by default) increases blast radius: the orchestrator enables creating autonomous sub-sessions that can be invoked during agent runs. This is expected for an orchestrator but worth flagging as a privilege-expanding pattern when used in sessions that have access to secrets or networked tools.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install parallel-agents - 安装完成后,直接呼叫该 Skill 的名称或使用
/parallel-agents触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v3.2.0
Smart model hierarchy: Haiku → Kimi → Opus. Auto-escalation for cost optimization (~57% savings). Agents now try cheapest model first, escalate to more powerful models if needed.
v3.1.0
Production-ready: Real AI parallel execution with auto-retry, tested and documented. Includes 20+ agent types, helpers module, and working examples.
元数据
常见问题
Parallel Agents 是什么?
Spawns real AI-powered OpenClaw sub-sessions to run multiple specialized agents concurrently for content, dev, QA, docs, and autonomous workflows. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 1578 次。
如何安装 Parallel Agents?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install parallel-agents」即可一键安装,无需额外配置。
Parallel Agents 是免费的吗?
是的,Parallel Agents 完全免费(开源免费),可自由下载、安装和使用。
Parallel Agents 支持哪些平台?
Parallel Agents 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Parallel Agents?
由 jdalbright(@jdalbright)开发并维护,当前版本 v3.2.0。
推荐 Skills