← Back to Skills Marketplace
khaentertainment

Grok Swarm

by Billy Brenner · GitHub ↗ · v1.0.9 · MIT-0
cross-platform ⚠ suspicious
223
Downloads
0
Stars
0
Active Installs
9
Versions
Install in OpenClaw
/install grok-swarm
Description
Refactors code using Grok 4.20 multi-agent swarm to improve readability, maintain behavior, add modern patterns, and explain changes.
README (SKILL.md)

Grok Swarm

Multi-agent intelligence powered by Grok 4.20 Multi-Agent Beta

Give any AI coding agent access to a 4-agent swarm with ~2M token context for code analysis, refactoring, generation, and complex reasoning.

  • Version: 1.0.8
  • Platforms: OpenClaw, Claude Code
  • Modes: analyze, refactor, code, reason, orchestrate

Overview

Grok 4.20 coordinates 4 agents (orchestrator + specialists + critics) to:

  • Analyze codebases for security, architecture, and bugs
  • Refactor code while preserving behavior
  • Generate features, tests, and boilerplate
  • Reason through complex architectural decisions

Features

  • 4-Agent Coordination — Multi-perspective reasoning
  • Massive Context — ~2M token window
  • File Writing — Write annotated code blocks directly to disk
  • Tool Passthrough — Use OpenAI-format tools with Grok

Usage

OpenClaw

tools.grok_swarm({
  prompt: "Analyze security of this auth module",
  mode: "analyze",
  files: ["src/auth/*.ts"]
});

Claude Code

/grok-swarm:analyze Review auth module security
/grok-swarm:refactor Convert to async/await
/grok-swarm:code Write FastAPI endpoint

Task Modes

Mode Description
analyze Security audits, architecture review
refactor Modernization, migration
code Feature generation, tests
reason Multi-perspective reasoning
orchestrate Custom agent handoff

Requirements

  • Python 3.8+
  • Node.js 18+
  • openai>=1.0.0
  • OpenRouter API key with Grok 4.20 access

API Key

Set your API key:

export OPENROUTER_API_KEY=sk-or-v1-...

Or create ~/.config/grok-swarm/config.json:

mkdir -p ~/.config/grok-swarm
echo '{"api_key": "sk-or-v1-..."}' > ~/.config/grok-swarm/config.json
chmod 600 ~/.config/grok-swarm/config.json

Installation

# Via ClawHub
clawhub install grok-swarm

# Via npm
npm install @khaentertainment/grok-swarm
Usage Guidance
What to consider before installing: - Expect to provide an OpenRouter API key (OPENROUTER_API_KEY) or add it to ~/.config/grok-swarm/config.json; note the registry metadata did not declare this requirement—check before installing. - The bridge will search several OpenClaw auth-profiles.json locations for keys. If you store other credentials there, be aware the skill will read those files while searching for a key—inspect grok_bridge.get_api_key if this concerns you. - The CLI supports writing files to disk (with a dry-run default) and has an --execute option that runs arbitrary shell commands (subprocess.run with shell=True). Avoid enabling --execute or --apply unless you trust the returned content and run in a sandbox. - The included install.sh will copy files into ~/.openclaw and create a Python venv and pip-install packages; review the script and run it manually in a controlled environment (or container) rather than blindly executing. - If you plan to enable this skill for autonomous agents, restrict its permissions (limit output-dir, do not expose sensitive config directories) or require manual invocation. Review the code (grok_bridge.py, cli.py) yourself, and consider running initial tests in an isolated VM/container. - If you need higher assurance, request the publisher/source (none provided) or a signed release hosted on a known release host; absence of a homepage/source is an additional trust gap.
Capability Analysis
Type: OpenClaw Skill Name: grok-swarm Version: 1.0.9 The skill bundle provides high-risk capabilities including arbitrary shell command execution via an `--execute` flag in `bridge/cli.py` and the ability to write files to the local filesystem in `bridge/apply.py`. While it implements path traversal protections, the `bridge/grok_bridge.py` script also contains logic to search for and read sensitive API keys from multiple local configuration files, including OpenClaw's internal `auth-profiles.json`. The use of a suspicious version name ('Grok 4.20') and a future publication date in `_meta.json` adds to the concern, although no clear evidence of intentional data exfiltration or hidden malicious payloads was found.
Capability Assessment
Purpose & Capability
The code and SKILL.md align with the described purpose (bridge to Grok 4.20 for analysis/refactor/write). However the package metadata lists no required env vars while the SKILL.md and grok_bridge.py clearly require an OpenRouter API key. grok_bridge.get_api_key also attempts to read several OpenClaw auth-profiles.json paths to locate credentials — this is more expansive than the SKILL.md explains and may access unrelated stored auth profiles.
Instruction Scope
SKILL.md instructs the user to set OPENROUTER_API_KEY or a config file and describes file-writing features. The implementation goes beyond that: the CLI supports an --execute option that runs an arbitrary shell command (subprocess.run with shell=True), and the bridge will read local OpenClaw auth files to find keys. File-writing functions attempt to validate paths (good) but the tool can write files to disk (and the installer copies into ~/.openclaw). These behaviors are within the realm of a refactoring bridge but are not fully documented in the metadata and increase risk.
Install Mechanism
No registry install spec is provided (instruction-only), but the repository includes an install.sh that copies files into ~/.openclaw, creates a venv, and pip-installs openai. The script must be run manually, but it performs filesystem writes and package installs. This is expected for a plugin installer, but you should inspect and run it only in a controlled context.
Credentials
Metadata declares no required env vars though SKILL.md and code require OPENROUTER_API_KEY (or config file). The bridge also attempts to read multiple OpenClaw auth profile files to locate keys—this scope of credential access is broader than advertised. There are also optional integrations (Morph/Claude MCP) that rely on local CLI tools (claude mcp) called via subprocess. Requiring/reading secrets from multiple local config places without declaring them is disproportionate.
Persistence & Privilege
always:false (good). The skill does not request permanent platform-wide privileges in the manifest. However, it includes facilities that can modify disk (write code files), run external CLI tools, and execute arbitrary shell commands via --execute. If an agent invokes the skill autonomously, those capabilities increase the blast radius—consider limiting autonomous invocation or restricting allowed command usage.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install grok-swarm
  3. After installation, invoke the skill by name or use /grok-swarm
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.9
Restore to 1.0.3 code state (was benign)
v1.0.7
Add justification for static analysis flags
v1.0.6
Benign version
v1.0.5
Revert to benign version
v1.0.4
Fix short description
v1.0.3
Update SKILL.md with full description and security warnings
v1.0.2
Fix title to Grok Multi-Agent Swarm
v1.0.1
Update description to reflect full multi-agent capabilities
v1.0.0
Initial release
Metadata
Slug grok-swarm
Version 1.0.9
License MIT-0
All-time Installs 0
Active Installs 0
Total Versions 9
Frequently Asked Questions

What is Grok Swarm?

Refactors code using Grok 4.20 multi-agent swarm to improve readability, maintain behavior, add modern patterns, and explain changes. It is an AI Agent Skill for Claude Code / OpenClaw, with 223 downloads so far.

How do I install Grok Swarm?

Run "/install grok-swarm" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Grok Swarm free?

Yes, Grok Swarm is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Grok Swarm support?

Grok Swarm is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Grok Swarm?

It is built and maintained by Billy Brenner (@khaentertainment); the current version is v1.0.9.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463556 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259610 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200551 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191226 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190235 · by oswalpalash

💬 Comments