Tmp.SOVvMo1n6G
Verdict: Suspicious. Audited by ClawScan on May 11, 2026.
Overview
Review before installing: this OFW skill is purpose-aligned, but it asks for your OFW username/password, runs an external unpinned MCP package, and can read or change legal co-parenting records.
Install only if you trust the ofw-mcp package and understand it will access sensitive OFW data. Before use, pin and review the external package, protect the stored OFW password, and instruct the agent to ask before any action that sends, creates, updates, deletes, marks read, or changes last-seen status.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The MCP server can act with the user's OFW account privileges, including access to private messages, contact details, calendar, expenses, and journal content.
The skill instructs users to provide direct OFW account credentials even though the registry metadata declares no primary credential or required environment variables. Those credentials unlock sensitive co-parenting records and write actions.
"OFW_USERNAME": "you@example.com", "OFW_PASSWORD": "yourpassword"
Only use this if you fully trust the external MCP package. Prefer a dedicated or revocable credential if OFW supports it, avoid storing passwords in broadly readable config files, and ensure the skill metadata clearly declares the credential requirement.

An agent could make changes to OFW records that may matter in a legal co-parenting context, including expenses, calendar entries, journal entries, or sent messages.
The tool set includes high-impact actions such as sending messages, creating expenses, creating journal entries, updating events, and permanent event deletion. The caution section covers confirmation for sending and deleting, but not for all create/update actions.
MCP server for OurFamilyWizard — provides read/write access to messages, calendar, expenses, and journal.
Require explicit user approval before every OFW state-changing action, including create, update, send, mark-read, last-seen updates, and delete. Show the exact fields and recipients before execution.

If the npm package or its dependencies are compromised or change behavior later, the user's OFW credentials and co-parenting data could be exposed or misused.
The setup runs an external npm package without pinning a version in the instruction, and no package code or install spec is included in the provided artifacts. That package would receive OFW credentials and account access.
"command": "npx", "args": ["-y", "ofw-mcp"]
Pin a trusted version, review the package source and dependencies before use, prefer a lockfile or audited install path, and do not provide OFW credentials to unreviewed code.
