Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
MidOS MCP — Knowledge OS for AI Agents
v1.0.0MidOS — The MCP Knowledge OS. 134 tools for knowledge management, multi-agent orchestration, search, planning, and memory. 670K+ vectors, 46K+ chunks, EUREKA...
⭐ 0· 297·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The skill describes a Knowledge OS and search/memory/plan tools which fit its name, but it also advertises 'Execution' tools (maker_run_bash, maker_read_file, maker_write_file, git, HTTP fetch). Those capabilities are powerful and potentially outside a pure "knowledge search" role; the SKILL.md does not explain where those executions run (remote service vs local agent) nor why no credentials are required to access them. Requiring remote execution/file-op capabilities without clarifying scope or auth is disproportionate to the plain knowledge-search description.
Instruction Scope
The instructions focus on JSON-RPC calls to https://midos.dev/mcp and provide examples for search, memory, and plan operations which are in-scope. However the doc also includes heartbeat guidance and references execution and notifier tools; the instructions do not show any authentication, nor do they limit or clarify usage of file/shell execution tools. That ambiguity could allow broad actions if the agent or service interprets tool names as able to run arbitrary commands or access files.
Install Mechanism
Instruction-only skill with no install spec and no code files — lowest install risk. No downloads or packages are pulled by the skill itself.
Credentials
The skill declares no required environment variables or primary credential even though it points at a remote API (midos.dev) and lists webhook/Discord notifiers and execution tools that normally need authentication or tokens. The absence of declared credentials is inconsistent with expected needs for a remote platform that can perform actions or notify external services.
Persistence & Privilege
always is false and the skill is user-invocable; it does not request persistent platform privileges. Note: autonomous invocation (model-invocation enabled by default) is allowed — combined with the execution toolset this raises the blast radius if you enable the skill to act autonomously, but autonomous invocation itself is the platform default.
What to consider before installing
This skill appears to be a remote Knowledge OS and many usages are reasonable (search, memory, planning). But before installing: 1) Ask the publisher how authentication works — why are no API keys or tokens declared? Confirm whether midos.dev requires an API key, and how credentials are transmitted and stored. 2) Clarify what maker_run_bash / maker_read_file / maker_write_file actually do and where they execute (on your machine, on MidOS servers, or on third-party workers). If they can run local shell or read local files, do not enable autonomous invocation and restrict the skill to manual use only. 3) Prefer self-hosting (they provide a repo) if you will send sensitive data. 4) Avoid providing webhook/Discord tokens to the skill until you understand where notifications originate. 5) If you must use the hosted service, limit the agent’s permissions, monitor network calls, and review privacy/terms for data retention and sharing.Like a lobster shell, security has layers — review code before you run it.
agentsvk973qepa4n6fr39a6123fap9j1828vbnknowledgevk973qepa4n6fr39a6123fap9j1828vbnlatestvk973qepa4n6fr39a6123fap9j1828vbnmcpvk973qepa4n6fr39a6123fap9j1828vbnmemoryvk973qepa4n6fr39a6123fap9j1828vbnplanningvk973qepa4n6fr39a6123fap9j1828vbnsearchvk973qepa4n6fr39a6123fap9j1828vbn
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🧠 Clawdis