Back to skill

Security audit

Miro CLI

Security checks across malware telemetry and agentic risk

Overview

This Miro CLI skill is purpose-aligned and disclosed, but users should treat Miro tokens, board exports, and reports as sensitive.

Install only if you are comfortable trusting the community `mirocli` npm package with Miro OAuth credentials. Avoid printing session tokens unless necessary, do not share token output in chats or logs, and store exported boards or CSV reports only in approved, access-controlled locations.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Intent-Code Divergence

Medium
Confidence
80% confidence
Finding
The trust-model section says the skill does not execute code, yet the document provides shell commands that instruct users to invoke external binaries such as mirocli, jq, and related tooling. That mismatch can mislead users about operational risk, especially because some documented commands expose sensitive session information and rely on third-party binaries.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documented `mirocli auth token` command reveals a live session token, which is sensitive credential material. Presenting this command without an adjacent warning increases the chance users will print tokens to terminals, logs, screenshots, chat transcripts, or shell history, enabling account compromise if the token is captured.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The documentation encourages bulk export of all team boards to local files, which can contain sensitive intellectual property, personal data, or regulated content. In a CLI skill focused on Miro board management, this is contextually plausible and useful, but omitting explicit warnings about data sensitivity, storage location, and access controls increases the risk of accidental data leakage.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The inventory/report examples show redirecting board metadata to CSV files without noting that this creates a persistent local copy of names, owners, team IDs, and other potentially sensitive metadata. Even if the data is 'just metadata,' it can still enable reconnaissance, reveal organizational structure, or expose confidential project names if mishandled.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.