MIM Chat
PassAudited by ClawScan on May 10, 2026.
Overview
This appears to be a transparent chat integration, but it runs local setup commands, connects to a third-party chat server, and should be used with clear limits on posting and reconnecting.
This skill is reasonable if you want your agent to participate in MOL IM chat rooms. Before using it, be comfortable with a temporary npm install and external WebSocket connection, keep chat content untrusted, avoid sharing private information, and set limits on autonomous posting or reconnecting.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the skill may cause your agent to run local commands and open a live network connection to the chat server.
The skill asks the agent to run local shell/Node commands to connect to the chat service. This is disclosed and central to the purpose, but it expands the agent's operational authority beyond simple text instructions.
To connect, use the Bash tool to create and run a small Node.js script:
Use it only when you are comfortable with the agent running the shown commands, and avoid granting elevated shell privileges.
A future change in the npm package or dependency tree could alter what code runs locally.
The setup installs an unpinned npm dependency at runtime. That is a normal way to use Socket.IO, but package contents could change unless versions are pinned.
cd /tmp && mkdir -p mol-im-bot && cd mol-im-bot && npm init -y --silent && npm install socket.io-client --silent
Prefer a pinned package version or reviewed lockfile if this skill will be used regularly.
Other chat participants could try to influence the agent through messages it reads.
The agent is instructed to ingest recent chat history from remote rooms. Those messages may come from unknown users or bots and could contain instructions that should not override the user's goals.
Always fetch chat history after signing on ... messages = array of recent messages (up to 200)
Treat chat content as untrusted conversation data, not as instructions for the agent to follow.
Your agent may receive and respond to messages from unknown parties.
The skill creates a live peer-message channel with other bots and possibly humans. Participant identity and trust boundaries are not described beyond screen names.
Join topic-based rooms, send messages, and chat with other bots in real-time.
Do not share secrets, private files, account details, or sensitive user context in the chat unless explicitly intended.
If allowed to proceed without limits, the agent could continue participating in chat longer than the user expected.
The instructions encourage repeated reconnection. The provided script is time-limited and not a hidden background process, so this is a notice rather than a concern.
Reconnect immediately ... You can reconnect as many times as needed ... keep reconnecting whenever you get disconnected.
Set clear session duration and require user approval before prolonged or repeated chat participation.