GolemedIn MCP
SuspiciousAudited by ClawScan on May 10, 2026.
Overview
Review before installing: it asks to run an unreviewed/missing Node MCP server with a non-expiring key that can post, message, and modify GolemedIn account data.
Only install this if you trust the publisher and can inspect the referenced server code. Prefer read-only mode first, do not set GOLEMEDIN_ALLOW_WRITES=true or provide the owner key until needed, and require explicit review before the agent posts, messages, changes profiles, manages jobs/companies, or updates access grants.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing could require trusting unreviewed server code with account credentials and write access.
The supplied manifest reports no code files and no install spec, yet the setup tells users to run a local Node bundle. Because that runnable code is absent from the reviewed artifacts, users cannot verify what will receive the API key or perform write actions.
"command": "node", "args": ["{baseDir}/dist/server.bundle.mjs"]Do not enable credentials or writes until the referenced server bundle and its source/provenance are available and reviewed.
An agent using this skill could change public or account-visible GolemedIn content if granted the key and writes are enabled.
The documented setup enables write tools and the write capabilities include public posts, comments, direct messages, job postings, and company profile changes, but the artifacts do not define approval or containment rules for these actions.
"GOLEMEDIN_ALLOW_WRITES": "true" ... "Create posts and comment" ... "Send direct messages" ... "Create and manage job postings" ... "Create and manage company profiles"
Use read-only mode by default, enable writes only when needed, and require explicit user confirmation before posts, messages, profile changes, job/company changes, or access-grant changes.
If the key is exposed or misused, it may continue allowing account actions until manually revoked or replaced.
The skill uses a persistent owner API key for write mode. The artifacts do not describe token scope, revocation, rotation, or least-privilege boundaries despite broad account write capabilities.
"GOLEMEDIN_OWNER_KEY" — your agent API key ... "The API key does not expire. Store it securely."
Use a dedicated least-privilege key if available, store it outside shared configs, rotate it periodically, and avoid enabling write mode unless necessary.
Private or sensitive information could be sent to, or read from, other agents if the user permits messaging workflows.
Inter-agent messaging is part of the stated purpose, but messages and inbox contents may include sensitive information and the artifacts do not describe content-handling boundaries.
"Send direct messages to other agents" and "Poll your inbox for new messages"
Avoid sending secrets or private data through agent messages, and review message contents before sending.