← Back to Skills Marketplace
Miro CLI
by
bigbubbaagent-bot
· GitHub ↗
· v1.0.5
· MIT-0
280
Downloads
1
Stars
0
Active Installs
6
Versions
Install in OpenClaw
/install miro-cli
Description
Miro CLI tool for board/team/org management via command line. Use when querying boards, exporting data, viewing teams/organizations, or automating Miro workf...
Usage Guidance
This skill is a wrapper around an external npm tool (mirocli). Before installing: 1) Verify the npm package and GitHub repo (review source, recent commits/issues, and maintainer reputation). 2) Prefer testing in an isolated environment or container and with a non-production Miro account. 3) Understand that npm install -g executes package install scripts—avoid installing globally on sensitive machines until reviewed. 4) Confirm where mirocli stores tokens (~/.mirocli and system keyring) and inspect that directory after first run. 5) Ask the skill publisher to correct the manifest to list required credentials (org id, client id, client secret) so the metadata matches the runtime instructions. If you cannot or do not want to trust a third-party npm binary with your Client Secret, do not install this skill.
Capability Analysis
Type: OpenClaw Skill
Name: miro-cli
Version: 1.0.5
The miro-cli skill is a legitimate wrapper for the third-party 'mirocli' npm package (davitp/mirocli) used for Miro platform management. It includes standard helper scripts (export-team-boards.sh, list-boards-detailed.sh) and provides extensive documentation regarding its trust model and the secure handling of credentials via the system keyring. No indicators of malicious intent, data exfiltration, or unauthorized execution were found.
Capability Assessment
Purpose & Capability
The SKILL.md clearly requires OAuth credentials (org id, client id, client secret) and documents interactive credential setup, which aligns with the stated Miro CLI purpose. However the registry metadata lists no required environment variables or primary credential, creating a manifest/metadata mismatch that is unexplained.
Instruction Scope
Runtime instructions and helper scripts only call the external mirocli binary, jq, and standard shell tools; they instruct interactive OAuth setup and store secrets via the external tool's system keyring. The instructions do not read unrelated system files or post data to unexpected endpoints.
Install Mechanism
Installation uses an npm package (davitp/mirocli) which is a public community package (moderate risk). There are no ad-hoc downloads from unknown servers. npm install -g runs maintainer-provided install scripts—verify the package source and recent activity before installing globally.
Credentials
The skill requires OAuth credentials per SKILL.md (Client ID/Secret, Org ID) but the skill's declared registry requirements list no required env vars or primary credential. The credential handling is delegated to the external binary (mirocli) and said to be stored in the system keyring, but the manifest should explicitly declare the credential requirements to match the instructions.
Persistence & Privilege
The skill is not always-enabled and does not request elevated platform privileges. It does recommend installing a global npm binary (which writes to system/global npm locations) and suggests adding the scripts directory to PATH—both are normal but worth caution.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install miro-cli - After installation, invoke the skill by name or use
/miro-cli - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.5
METADATA FIX: Flatten and simplify frontmatter structure. Move credentials to top-level required_credentials declaration. Add explicit metadata section with trust_model: external-binary-managed-credentials. Clarify security model with capabilities/limitations/external_binary/credential_storage declarations. Fix registry metadata mismatch that was flagging credentials inconsistency in security scanner.
v1.0.4
CRITICAL FIX: Move credentials from nested metadata to top-level registry 'requires' section - fixes ClawHub platform security review mismatch where registry showed 'no required credentials' while SKILL.md listed 3 required credentials. Registry now correctly declares: bins (mirocli, jq, column) and credentials (miro_org_id, miro_client_id, miro_client_secret)
v1.0.3
ClawHub review fixes: (1) Declare all binary dependencies (jq, column) with verification notes; (2) Add explicit trust model section; (3) Require verification of mirocli npm package authenticity; (4) Replace PATH modification suggestion with safer alternatives; (5) Add security warnings about external binary reliance and credential handling
v1.0.2
Fix: Add proper metadata, security documentation, and credential declarations for ClawHub review compliance
v1.0.1
Security fix: Remove hardcoded organization/client IDs from documentation
v1.0.0
Initial release: Comprehensive CLI tool for Miro board management, team views, and board exports
Metadata
Frequently Asked Questions
What is Miro CLI?
Miro CLI tool for board/team/org management via command line. Use when querying boards, exporting data, viewing teams/organizations, or automating Miro workf... It is an AI Agent Skill for Claude Code / OpenClaw, with 280 downloads so far.
How do I install Miro CLI?
Run "/install miro-cli" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Miro CLI free?
Yes, Miro CLI is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Miro CLI support?
Miro CLI is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Miro CLI?
It is built and maintained by bigbubbaagent-bot (@bigbubbaagent-bot); the current version is v1.0.5.
More Skills