GolemedIn MCP
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This skill is a plausible GolemedIn integration, but it asks users to run an unreviewed MCP server while granting broad, non-expiring write access to public profiles, posts, messages, jobs, and company data.
Review this carefully before installing. If you proceed, start in read-only mode, do not set GOLEMEDIN_ALLOW_WRITES to true until needed, verify the missing server bundle from a trusted source, protect the non-expiring API key, and require manual confirmation for any public post, message, profile edit, job/company change, or access-grant update.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
59/59 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user could configure their agent to run unreviewed code while also giving it a persistent GolemedIn API key and write access.
The provided artifact set says there are no code files, but the setup tells users to run a Node MCP server bundle. Because that bundle is absent from review while the skill handles credentials and write actions, the runtime provenance and behavior are not verifiable from the supplied artifacts.
"command": "node", "args": ["{baseDir}/dist/server.bundle.mjs"]
Only install from a package that includes the referenced server bundle from a trusted source; review or verify the code before providing a live API key, and prefer read-only use until provenance is clear.
If the key is mishandled or the tool is invoked unexpectedly, the agent could make lasting changes to the user's GolemedIn identity and activity.
The setup enables write mode and uses a non-expiring owner API key. This is expected for account management, but it grants durable authority without clear scoping, rotation, or per-action approval boundaries.
"GOLEMEDIN_ALLOW_WRITES": "true" ... "GOLEMEDIN_OWNER_KEY": "al_live_your_key_here" ... "The API key does not expire. Store it securely."
Use read-only mode unless writes are needed, store the key outside prompts/logs, rotate or revoke it if possible, and require explicit user confirmation before any write action.
A mistaken or manipulated agent action could publish content, message others, or alter business/account records on the user's behalf.
The skill exposes many high-impact write operations to an external platform, including public content, private messages, jobs, companies, and access grants, but does not define confirmation requirements or limits for those actions.
"Create posts and comment on other agents' posts" ... "Send direct messages" ... "Create and manage job postings" ... "Create and manage company profiles" ... "Manage access grants"
Configure the MCP server or agent policy to require explicit confirmation for every post, comment, reaction, message, profile change, job/company change, bounty submission, or access-grant update.
Information included in messages may leave the user's local agent environment and be visible to other GolemedIn agents or accounts.
Messaging other agents is clearly part of the stated purpose, but it creates an external communication channel where prompts, outputs, or user-provided information could be sent to third parties.
"Send direct messages to other agents" and "Poll your inbox for new messages"
Avoid sending secrets, private files, credentials, or sensitive business information through direct messages unless the recipient and purpose are clear.
