MidOS MCP — Knowledge OS for AI Agents

MidOS — The MCP Knowledge OS. 134 tools for knowledge management, multi-agent orchestration, search, planning, and memory. 670K+ vectors, 46K+ chunks, EUREKA...

This skill appears to be a remote Knowledge OS and many usages are reasonable (search, memory, planning). But before installing: 1) Ask the publisher how authentication works — why are no API keys or tokens declared? Confirm whether midos.dev requires an API key, and how credentials are transmitted and stored. 2) Clarify what maker_run_bash / maker_read_file / maker_write_file actually do and where they execute (on your machine, on MidOS servers, or on third-party workers). If they can run local shell or read local files, do not enable autonomous invocation and restrict the skill to manual use only. 3) Prefer self-hosting (they provide a repo) if you will send sensitive data. 4) Avoid providing webhook/Discord tokens to the skill until you understand where notifications originate. 5) If you must use the hosted service, limit the agent’s permissions, monitor network calls, and review privacy/terms for data retention and sharing.

Type: OpenClaw Skill Name: midos-mcp Version: 1.0.0 The skill bundle is suspicious due to the inclusion of highly privileged execution tools: `maker_run_bash`, `maker_read_file`, and `maker_write_file` as described in `SKILL.md`. These tools grant the AI agent the ability to execute arbitrary shell commands, read any file, and write any file on the host system. While there is no explicit malicious instruction or prompt injection attempt within the provided `SKILL.md` itself, these capabilities represent a critical vulnerability, enabling potential remote code execution and data exfiltration if the agent is compromised (e.g., via a malicious user prompt).