Guru MCP

Security checks across malware telemetry and agentic risk

Overview

This Guru integration is coherent and not malicious, but it deserves review because it can use a Guru API token to read broad workplace knowledge and update Guru cards without an explicit approval or rollback workflow.

Install only if you are comfortable giving the agent access to your Guru workspace and connected sources. Prefer a least-privileged token, avoid submitting secrets in questions, and require manual review before the agent creates drafts or updates existing Guru cards.

VirusTotal

64/64 vendors flagged this skill as clean.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation (Medium)
What this means

If used carelessly or invoked on the wrong card, the agent could alter company documentation that other users rely on.

Why it was flagged

The skill exposes mutation of existing Guru cards, which can affect shared business knowledge. The artifacts do not instruct the agent to obtain explicit confirmation, show a diff, or provide rollback guidance before updating.

Skill content

- **Update Cards** — Modify existing cards directly

Recommendation

Require explicit user confirmation before any `guru_update_card` call, show the current and proposed content changes, and use the least-privileged Guru token available.

ASI03: Identity and Privilege Abuse (Low)
What this means

The agent can access Guru data available to the token owner and may be able to create or update content if that account has permission.

Why it was flagged

The skill requires a Guru API token tied to the user's account. This is expected for the integration, but users should understand the token grants account-level access according to Guru permissions.

Skill content

GURU_API_TOKEN=your.email@company.com:your-api-token

Recommendation

Use a token with only the permissions needed, store it securely, and rotate or revoke it if the skill is no longer used.

ASI07: Insecure Inter-Agent Communication (Low)
What this means

Questions and knowledge-base interactions may leave the local environment and be processed by Guru.

Why it was flagged

The skill routes MCP calls to Guru's hosted MCP endpoint using the configured authorization header. This is purpose-aligned, but it means prompts, searches, and retrieved content are handled by the Guru service.

Skill content

"baseUrl": "https://mcp.api.getguru.com/mcp"

Recommendation

Avoid sending sensitive questions unless Guru is approved for that data, and review Guru workspace logging and retention settings.

ASI06: Memory and Context Poisoning (Info)
What this means

Sensitive questions or internal topics may become visible in Guru analytics to authorized administrators.

Why it was flagged

The artifact discloses that questions are logged in Guru analytics. This is expected behavior, but users should know their queries may be retained or visible in that administrative context.

Skill content

- Questions appear in Guru's **AI Agent Center** analytics

Recommendation

Check who can view AI Agent Center analytics and avoid entering secrets or unnecessary sensitive details in questions.