{ "schemaVersion": "1.0", "item": { "slug": "agent-swarm", "name": "Agent Swarm", "source": "tencent", "type": "skill", "category": "AI 智能", "sourceUrl": "https://clawhub.ai/RuneweaverStudios/agent-swarm", "canonicalUrl": "https://clawhub.ai/RuneweaverStudios/agent-swarm", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/agent-swarm", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=agent-swarm", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "README.md", "REVIEW-name-conformity.md", "SKILL.md", "_meta.json", "config.json", "scripts/router.py" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-23T16:43:11.935Z", "expiresAt": "2026-04-30T16:43:11.935Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/agent-swarm" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/agent-swarm", "agentPageUrl": "https://openagent3.xyz/skills/agent-swarm/agent", "manifestUrl": "https://openagent3.xyz/skills/agent-swarm/agent.json", "briefUrl": "https://openagent3.xyz/skills/agent-swarm/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Description", "body": "IMPORTANT: OpenRouter is required. Routes tasks to the right model and always delegates work through sessions_spawn." }, { "title": "Before installing", "body": "OPENCLAW_HOME: Not required. The skill uses OPENCLAW_HOME only if set; otherwise it defaults to ~/.openclaw. This is consistent in both metadata (_meta.json: listed in optionalEnv, not in env) and behavior.\nopenclaw.json read access: The skill reads the local file openclaw.json (at $OPENCLAW_HOME/openclaw.json or ~/.openclaw/openclaw.json). Only the fields tools.exec.host and tools.exec.node are used; no gateway secrets or API keys are read. Verify you are comfortable granting read access to that file before installing." }, { "title": "Single task", "body": "Router output:\n{\"task\":\"write a poem\",\"model\":\"openrouter/moonshotai/kimi-k2.5\",\"sessionTarget\":\"isolated\"}\n\nThen call:\nsessions_spawn(task=\"write a poem\", model=\"openrouter/moonshotai/kimi-k2.5\", sessionTarget=\"isolated\")" }, { "title": "Parallel tasks", "body": "python3 workspace/skills/agent-swarm/scripts/router.py spawn --json --multi \"fix bug and write poem\"\n\nThis returns multiple spawn configs. Start one sub-agent per config." }, { "title": "Commands", "body": "Manual/CLI use only. The examples below pass the task as a single argument; for programmatic use with untrusted user input, always invoke the router via subprocess.run(..., [..., user_message], ...) with a list of arguments (see Security). Do not build a shell command string from user input.\n\npython scripts/router.py default\npython scripts/router.py classify \"fix lint errors\"\npython scripts/router.py spawn --json \"write a poem\"\npython scripts/router.py spawn --json --multi \"fix bug and write poem\"\npython scripts/router.py models" }, { "title": "What this skill does", "body": "Agent Swarm is a traffic cop for AI models.\nIt picks the best model for each task, then starts a sub-agent to do the work." }, { "title": "IMPORTANT: OpenRouter is required", "body": "Required Platform Configuration:\n\nOpenRouter API key: Must be configured in OpenClaw platform settings (not provided by this skill)\nOPENCLAW_HOME (optional): Environment variable pointing to OpenClaw workspace root. If not set, defaults to ~/.openclaw\nopenclaw.json access: The router reads tools.exec.host and tools.exec.node from openclaw.json (located at $OPENCLAW_HOME/openclaw.json or ~/.openclaw/openclaw.json). Only these two fields are accessed; no gateway secrets or API keys are read.\n\nModel Requirements:\n\nModel IDs must use openrouter/... prefix\nIf OpenRouter is not configured in OpenClaw, delegation will fail" }, { "title": "Why this helps", "body": "Faster replies (cheap orchestrator, smart sub-agent routing)\nBetter quality (code tasks go to code models, writing tasks go to writing models)\nLower cost (you do not run every task on the most expensive model)" }, { "title": "Core rule (non-negotiable)", "body": "For user tasks, the orchestrator must delegate.\nIt must NOT answer the task itself.\n\nUse this flow every time:\n\nRun router. From orchestrator code, use subprocess with a list of arguments (never shell interpolation with user input):\nimport subprocess\nresult = subprocess.run(\n [\"python3\", \"/path/to/workspace/skills/agent-swarm/scripts/router.py\", \"spawn\", \"--json\", user_message],\n capture_output=True,\n text=True\n)\ndata = json.loads(result.stdout) if result.returncode == 0 else {}\n\nCLI only (manual testing; do not use from code with untrusted user input):\npython3 workspace/skills/agent-swarm/scripts/router.py spawn --json \"your task here\"\nUse OPENCLAW_HOME or absolute path for the script when not in workspace root.\nIf needs_config_patch is true: stop and report that patch to the user.\nOtherwise call:\nsessions_spawn(task=..., model=..., sessionTarget=...)\nWait for sessions_spawn result.\nReturn the sub-agent result to the user.\n\nIf sessions_spawn fails, return only a delegation failure message.\nDo not do the task yourself." }, { "title": "Config basics", "body": "Edit config.json in the skill root (parent of scripts/) to change routing." }, { "title": "What you can change", "body": "WhatKeyPurposeOrchestrator / session defaultdefault_modelMain agent and new sessions (e.g. Gemini 2.5 Flash)Task-specific model per tierrouting_rules..primaryModel used when a task matches that tierBackup models if primary failsrouting_rules..fallbackArray of model IDs to try next" }, { "title": "All task-specific tiers (change the model for each)", "body": "TierKey to change primaryTypical useFASTrouting_rules.FAST.primarySimple tasks: check, list, status, fetchREASONINGrouting_rules.REASONING.primaryLogic, math, step-by-step analysisCREATIVErouting_rules.CREATIVE.primaryWriting, stories, UI/UX, designRESEARCHrouting_rules.RESEARCH.primaryResearch, search, fact-findingCODErouting_rules.CODE.primaryCode, debug, refactor, implementQUALITYrouting_rules.QUALITY.primaryComplex/architecture tasksCOMPLEXrouting_rules.COMPLEX.primaryMulti-step / complex system tasksVISIONrouting_rules.VISION.primaryImage analysis, screenshots, visual\n\nTo change all task-specific models: edit each routing_rules..primary above. Use model IDs from the models array in config.json (must start with openrouter/)." }, { "title": "Simple config examples", "body": "Orchestrator only (keep defaults for tiers):\n\n{\n \"default_model\": \"openrouter/google/gemini-2.5-flash\"\n}\n\n(Other keys like routing_rules and models can stay as in the shipped config.json.)\n\nChange one tier (e.g. CODE to MiniMax):\n\n\"routing_rules\": {\n \"CODE\": {\n \"primary\": \"openrouter/minimax/minimax-m2.5\",\n \"fallback\": [\"openrouter/qwen/qwen3-coder-flash\"]\n }\n}\n\nChange multiple tiers (primaries only):\n\n\"routing_rules\": {\n \"CREATIVE\": { \"primary\": \"openrouter/moonshotai/kimi-k2.5\", \"fallback\": [] },\n \"CODE\": { \"primary\": \"openrouter/z-ai/glm-4.7-flash\", \"fallback\": [\"openrouter/minimax/minimax-m2.5\"] },\n \"RESEARCH\": { \"primary\": \"openrouter/x-ai/grok-4.1-fast\", \"fallback\": [] }\n}\n\nOnly include tiers you want to override; the rest are read from the full config.json." }, { "title": "Input Validation", "body": "The router validates and sanitizes all inputs to prevent injection attacks:\n\nTask strings: Validated for length (max 10KB), null bytes; rejects prompt-injection patterns (script tags, javascript: protocol, event-handler attributes). Invalid tasks raise ValueError with a clear message.\nConfig patches: Only allows modifications to tools.exec.host and tools.exec.node (whitelist approach)\nLabels: Validated for length and null bytes" }, { "title": "Safe Execution", "body": "Critical: When calling router.py from orchestrator code, always use subprocess with a list of arguments, never shell string interpolation:\n\n# ✅ SAFE: Use subprocess with list arguments\nimport subprocess\nresult = subprocess.run(\n [\"python3\", \"/path/to/router.py\", \"spawn\", \"--json\", user_message],\n capture_output=True,\n text=True\n)\n\n# ❌ UNSAFE: Shell string interpolation (vulnerable to injection)\nimport os\nos.system(f'python3 router.py spawn --json \"{user_message}\"') # DON'T DO THIS\n\nThe router uses Python's argparse, which safely handles arguments when passed as a list. Shell string interpolation is vulnerable to command injection if the user message contains shell metacharacters." }, { "title": "Config Patch Safety", "body": "The recommended_config_patch only modifies safe fields:\n\ntools.exec.host (must be 'sandbox' or 'node')\ntools.exec.node (only when host is 'node')\n\nAll config patches are validated before being returned. The orchestrator should validate patches again before applying them to openclaw.json." }, { "title": "Prompt Injection Mitigation", "body": "The router rejects task strings that contain prompt-injection patterns (e.g.