ClawHub

Miromind

Security checks across malware telemetry and agentic risk

Overview

This skill coherently automates MiroMind research, but users should understand it uses MiroMind credentials, sends queries to that service, and saves reports locally.

Install only if you are comfortable giving OpenClaw access to a MiroMind account and sending research questions to dr.miromind.ai. Avoid submitting secrets or regulated data, use a dedicated MiroMind account if possible, protect the OpenClaw config containing the password, and remember that generated reports are saved under the local OpenClaw workspace.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (8)

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The skill requires MIROMIND_EMAIL and MIROMIND_PASSWORD and documents automated login to a third-party website, but this sensitive behavior is not clearly disclosed in the high-level skill description. That creates a trust and privacy risk because users may invoke a 'deep research' skill without realizing it will use stored credentials to access an external account and transmit activity under their identity.

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The skill is presented as a research assistant, but it also writes report files to disk and persists session artifacts such as cookies.json. This is dangerous because local persistence expands the data exposure surface: research contents, potentially sensitive prompts, and authenticated session data may remain on the host after execution and be accessible to other tools or users.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The README explicitly advertises automatic saving of complete research reports to the local workspace, but does not warn that prompts, generated content, and potentially sensitive source material may be written to disk unredacted. In a research skill, users may submit proprietary, personal, financial, or investigative topics, so silent persistence increases the risk of unintended local data exposure, backup leakage, or multi-user system disclosure.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The README instructs users to place MiroMind email and password directly into OpenClaw configuration without any warning about secret handling, least privilege, or safer secret storage mechanisms. This can normalize plaintext credential storage in config files, increasing the chance of credential disclosure through local compromise, backups, logs, screenshots, or accidental sharing of configuration.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The README promotes deep research and browser automation but does not clearly warn that user prompts and research topics will be transmitted to the third-party MiroMind service via automated browser interaction. Users may submit sensitive business, personal, or regulated data without understanding it is leaving the local environment. In a research skill, this context makes the omission more dangerous because users are likely to paste confidential material for analysis.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The README states that full Markdown reports are automatically saved locally but does not warn that these files may contain sensitive prompts, generated findings, or copied source material. This can create unintended data persistence on disk, increasing exposure through backups, multi-user systems, endpoint compromise, or accidental sharing. Because the skill is designed for deep research, the saved output may be especially information-dense and sensitive.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README instructs users to place account credentials in environment configuration in plaintext JSON without warning about sensitivity, access controls, or safer secret-storage practices. On shared machines or poorly secured environments, this can lead to credential disclosure and account compromise. The skill context increases risk because the credentials grant access to a third-party service used for automated actions.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The documented workflow sends the user's research query directly to the external MiroMind service via a URL query parameter, but the skill description does not warn users that their input leaves the local environment. This is especially risky for sensitive or proprietary topics, since the query may be exposed to the third party, browser history, logs, and other telemetry paths associated with URL handling.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal