Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Midas Skill — Self-Learning Wealth Extraction Engine

v1.0.0

Midas Skill — Turn Your Repeated Orders Into Gold. A self-learning wealth extraction engine that takes the mundane, repetitive information streams of your da...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto · Can make purchases
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal
Benign
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill claims to extract 'wealth signals' from Slack threads, photos, browsing history, purchases, etc. Asking for those types of inputs is coherent with the stated purpose. However, the skill also claims it is 'self-learning' and 'does not reset between sessions' (cumulative memory) but the registry metadata and spec include no declared storage, persistence mechanism, or required config/credentials for connectors — that gap is noteworthy.
!
Instruction Scope
SKILL.md instructs the agent to accept ANY daily-life input (Slack threads, screenshots, photos, browsing logs, purchase logs) and to cross-reference them across sessions. Instructions are open-ended (feed Midas 'ANY' input) and give the agent broad discretion to aggregate, retain, and reuse sensitive personal data. The doc does not specify consent, retention limits, anonymization, or where data will be stored, nor does it limit which files/paths or external connectors may be used — this grants the skill wide implicit data-collection scope and creates a privacy risk.
Install Mechanism
There is no install spec and no code files to execute; the skill is instruction-only. That reduces supply-chain risk because nothing is downloaded or installed. The manifest contains many reference content files (methodology, examples) but no executable artifacts.
Credentials
The skill requests no environment variables, binaries, or config paths, which is consistent with an instruction-only skill that expects the user to supply inputs. That said, its functionality (mining Slack, browsing history, photos) would commonly require connectors or tokens in practice; the absence of any declared connector/credential is either an intentional design to have users paste data manually or an omission. The omission reduces transparency about where sensitive credentials would be needed if the skill were later extended.
!
Persistence & Privilege
SKILL.md explicitly states 'Midas does not reset between sessions. Every input builds on every previous input.' The skill metadata does not declare persistence, storage locations, or data lifecycle controls. Persistent aggregation of personal data across sessions is a significant privilege. While the skill does not request 'always: true', the combination of autonomous invocation default and the instruction to retain data increases the blast radius if the agent stores or reuses sensitive inputs without explicit user controls.
What to consider before installing
Before installing or using this skill, consider the following:
1) Privacy scope — the skill is designed to aggregate highly sensitive personal data (chats, browsing history, photos, receipts). Only provide data you are comfortable having stored and analyzed across sessions.
2) Ask the developer (or platform) where Midas stores its cumulative memory, how to view exported personal data, and how to delete it permanently.
3) Avoid giving the skill credentials (Slack tokens, browser sync access, cloud keys) — prefer pasting sanitized excerpts instead of granting connector access.
4) Confirm whether the skill sends data to external endpoints or third-party services; the SKILL.md does not document any network endpoints.
5) If you need the capability but want lower risk, limit inputs to de-identified samples and remove PII before submitting.
6) If you have strict privacy or regulatory constraints (workplace data, customer PII, health/financial data), do not use this skill until its data handling and retention policies are explicit.
7) The skill is instruction-only (no install), which reduces code-execution risk, but the high potential for long-term, cross-context aggregation of sensitive data is the primary concern.
