Mikrotik RouterOS
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A mistaken prompt or overly broad agent action could change router configuration, disrupt connectivity, or run other high-impact RouterOS operations if used with an admin account.
The client accepts and sends arbitrary RouterOS command paths and arguments. This matches the custom-command feature, but the artifacts do not document an allowlist, confirmation step, or containment for state-changing router commands.
def run_command(self, command, args=None): ... self._send_word(command) ... for arg in args: self._send_word(arg)
Use a least-privilege or read-only RouterOS account where possible, and require explicit user approval before any add/set/remove/reboot/shutdown or other state-changing command.
A user may believe their router login is protected when the provided client code does not actually establish TLS, increasing the risk of credential exposure on the network.
The file tells users to use port 8729 for SSL, but the connection code uses a plain TCP socket and sends the password as a RouterOS API word; no TLS wrapping or challenge-response handling is shown.
port: API port (default: 8728, use 8729 for SSL) ... self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) ... self._send_word(f'=password={self.password}')
Do not rely on the advertised SSL behavior until the code is fixed and verified. Use a trusted VPN, SSH tunnel, or a corrected TLS-enabled client for router administration.
Anyone or any agent with access to that workspace file could potentially reuse the router credentials.
Router credentials are expected for this integration, but the suggested configuration includes admin access and direct plaintext password entry in a workspace file.
Option 1: TOOLS.md (Recommended) ... **office**: 192.168.88.1, admin, empty password ... With password: write the password string directly
Avoid storing router admin passwords in plaintext. Prefer temporary least-privilege accounts, secret storage, and remove credentials when finished.
Running scans can execute local networking utilities and generate subnet discovery traffic, which may be inappropriate on networks you do not administer.
The network scanner invokes local system commands through the shell. This is disclosed in SKILL.md and is aligned with local subnet discovery, but it is still local command execution.
subprocess.check_output("ipconfig", shell=True) ... subprocess.check_output("ip addr", shell=True) ... subprocess.check_output(f"arp -a {ip}", shell=True)
Run scanning only on networks where you have permission, and use the skill in a trusted local environment.
You may have less assurance about who maintains the code or where to audit upstream changes.
No remote installer is shown, but the skill has limited provenance information, so users have less external context for validating the code origin.
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Review the included source before use and prefer installing from a verifiable repository or trusted maintainer when available.
