Antfarm workflows run AI agents on your machine. That's powerful — and it means security matters.
Antfarm only installs workflows from this official repository (snarktank/antfarm). There is no mechanism to install workflows from arbitrary URLs, third-party repos, or remote sources. If it's not in this repo, it doesn't run.
All workflow submissions — including community PRs — go through security review before merging. We specifically check for:
- Prompt injection — instructions designed to hijack agent behavior, override safety boundaries, or exfiltrate data
- Malicious skill files — SKILL.md, AGENTS.md, or other workspace files that could trick agents into running harmful commands
- Privilege escalation — workflows that attempt to access resources beyond their intended scope
- Data exfiltration — any attempt to send private data to external services
Every workflow is plain YAML and Markdown. No compiled code, no obfuscated logic. You can read exactly what each agent will do before you install it.
Each agent runs in its own isolated OpenClaw session with a dedicated workspace. Agents only have access to the tools and files defined in their workflow configuration.
We actively encourage community contributions. To submit a new workflow:
- Fork this repo
- Create your workflow in
workflows/ - Submit a PR with a clear description of what it does
- All PRs go through security review before merging
See docs/creating-workflows.md for the full guide.
If you find a security issue in Antfarm, please report it responsibly:
- Email: Ryan@ryancarson.com
- Do not open a public issue for security vulnerabilities
We'll acknowledge receipt within 48 hours and work with you on a fix.