miro-api
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- EXTERNAL_DOWNLOADS (SAFE): An automated scanner flagged 'connector.id' as a malicious URL. Technical analysis confirms this is a false positive. The string represents standard Python object property access (e.g.,
connector.id) common in the Miro SDK and is not used as a network endpoint or URL. - DATA_EXFILTRATION (SAFE): The skill follows security best practices by recommending environment variables (
MIRO_ACCESS_TOKEN) rather than hardcoding credentials. No suspicious network activity or exfiltration patterns were found. - COMMAND_EXECUTION (SAFE): The provided code snippets only interact with the Miro REST API via the
miro-apilibrary andrequests. No arbitrary shell command execution or dangerous subprocess calls are present. - PROMPT_INJECTION (SAFE): No instructions attempting to override agent behavior or bypass safety filters were found in the README content.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata