ClawHub
Back to skill

Security audit

Miro Management

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Miro management skill, but it uses powerful Miro credentials and local token files in ways users should review before installing.

Install only if you are comfortable granting this skill Miro API authority. Use a least-privilege Miro app or token, test on noncritical boards first, explicitly approve every write, delete, webhook, or raw API request, avoid running OAuth flows where terminal output is captured in shared logs or chat, and protect or rotate any saved .miro/tokens.json file.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill clearly instructs the agent to use environment variables, read and write token files, and make network calls to the Miro API, yet it declares no permissions. That mismatch can bypass user or platform expectations about what the skill is capable of, reducing transparency and making sensitive actions like token handling and external API access easier to invoke without proper review.

Missing User Warnings

Medium
Confidence
82% confidence
Finding
The example encourages placing a live access token directly into an environment variable without any credential-handling warning. While environment variables are common, this can lead to accidental exposure through shell history, screenshots, shared terminal sessions, process inspection, or mishandling in local automation, especially in a reusable agent skill context centered on API access.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
OAuth access and refresh tokens are persisted to disk with no warning and no file-permission hardening. On multi-user systems or insecure workstations, local users, malware, backups, or accidental commits can recover these long-lived credentials and use them to access or modify Miro data.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.