Molt-Solver

Security checks across malware telemetry and agentic risk

Overview

The skill does solve Moltbook verification challenges, but it also reads a saved Moltbook API key and submits an authenticated verification request without clearly documenting that behavior.

Review before installing. Use it only if you trust the publisher with your Moltbook account credential and are comfortable with the skill automatically reading that credential to submit verification requests to Moltbook. Prefer a limited or revocable API key if Moltbook supports one.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Context-Inappropriate Capability

Medium

Confidence: 93% confidence
Finding: The skill goes beyond local challenge solving and performs authenticated network verification by loading a local credential file and using its API key in a remote request. Even if this is intended functionality, it creates a security-sensitive trust boundary: invoking the skill causes use of local secrets and external account actions without any visible consent, disclosure, or scope limitation in the file.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The code silently reads credentials from ~/.config/moltbook/credentials.json and sends the contained API key in an authenticated HTTP request. This is dangerous because users of a seemingly simple solver may not expect local secret access or account-bound network activity, increasing the risk of unintended credential use and abuse through hidden side effects.

VirusTotal

49/49 vendors flagged this skill as clean.

View on VirusTotal