v2.0.0

moltycash

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:31 AM.

Analysis

The skill matches its stated crypto-payment purpose, but it asks for raw wallet private keys and relies on an unpinned external npm CLI to send irreversible USDC payments, with no documented approval step or spending limit.

Guidance: Review carefully before installing. If you use it, configure only a dedicated low-balance wallet, verify the npm package and version, do not expose main wallet private keys, and require explicit confirmation for every payment amount, recipient, and network.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High. Confidence: High. Status: Concern.
SKILL.md
Send your first payment:
```bash
npx moltycash send KarpathyMolty 1¢
```

The documented workflow is a direct payment command. The artifact does not describe a mandatory confirmation step, spending limit, recipient verification step, or dry-run before sending funds.

User impact: An agent following this skill could initiate an irreversible USDC transfer if the recipient or amount is wrong or manipulated.
Recommendation: Require explicit user confirmation for every payment, verify the molty username, amount, network, and wallet before execution, and keep only limited funds available to the configured key.
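One way to put the recommended controls in front of the documented command, as an added example that is not code from moltycash or the skill. It assumes only what SKILL.md shows: the `send <recipient> <amount>` shape, an amount written like `1¢`, and the wallet key read from `EVM_PRIVATE_KEY` (Base) or `SVM_PRIVATE_KEY` (Solana). The allowlist, the caps, the `$x.yz` amount form, the confirmation phrase and the pinned version `2.0.0` are policy choices made here, not facts about the package, and the `npx --yes pkg@version` form is standard npm, not a moltycash feature.

```python
"""Pre-flight guard around `npx moltycash send <recipient> <amount>`.

Added example, not moltycash's own code. Everything marked 'assumption' below
is a local policy choice and must be adapted before use.
"""
import os
import re
import subprocess
from decimal import Decimal, InvalidOperation

ALLOWED_RECIPIENTS = {"KarpathyMolty"}   # assumption: recipients verified out of band
PER_PAYMENT_CAP_CENTS = 500              # assumption: at most $5.00 per call
DAILY_CAP_CENTS = 2000                   # assumption: at most $20.00 per day
PINNED_VERSION = "2.0.0"                 # assumption: the package version you reviewed
# Which key variable each network needs, exactly as SKILL.md documents them.
KEY_VAR_FOR_NETWORK = {"base": "EVM_PRIVATE_KEY", "solana": "SVM_PRIVATE_KEY"}


class PolicyViolation(Exception):
    """Raised when a requested payment falls outside the configured policy."""


def parse_cents(amount: str) -> int:
    """Parse '1¢' (integer cents) or '$2.50' (dollars, max two decimals) into cents.

    The '$x.yz' form is an assumption; only the '1¢' form appears in SKILL.md.
    """
    s = amount.strip()
    m = re.fullmatch(r"([0-9]+)¢", s)
    if m:
        cents = int(m.group(1))
    elif s.startswith("$"):
        try:
            dollars = Decimal(s[1:])
            if not dollars.is_finite() or dollars != dollars.quantize(Decimal("0.01")):
                raise InvalidOperation
        except InvalidOperation:
            raise PolicyViolation(f"unparseable or sub-cent amount {amount!r}") from None
        cents = int(dollars * 100)
    else:
        raise PolicyViolation(f"unrecognised amount format {amount!r}")
    if cents <= 0:
        raise PolicyViolation(f"amount must be positive, got {amount!r}")
    return cents


def check_payment(recipient: str, amount: str, network: str, spent_today_cents: int) -> int:
    """Validate network, recipient and caps; return the amount in cents or raise."""
    if network not in KEY_VAR_FOR_NETWORK:
        raise PolicyViolation(f"unsupported network {network!r}")
    if recipient not in ALLOWED_RECIPIENTS:
        raise PolicyViolation(f"recipient {recipient!r} is not on the allowlist")
    cents = parse_cents(amount)
    if cents > PER_PAYMENT_CAP_CENTS:
        raise PolicyViolation(f"{cents}¢ exceeds the per-payment cap of {PER_PAYMENT_CAP_CENTS}¢")
    if spent_today_cents + cents > DAILY_CAP_CENTS:
        raise PolicyViolation(f"{spent_today_cents + cents}¢ today would exceed {DAILY_CAP_CENTS}¢")
    return cents


def build_command(recipient: str, amount: str) -> list[str]:
    """The documented CLI call with the package version pinned; the amount string is
    passed through unchanged because it has already been strictly validated."""
    return ["npx", "--yes", f"moltycash@{PINNED_VERSION}", "send", recipient, amount]


def scoped_env(network: str, key: str) -> dict[str, str]:
    """Child environment: inherit PATH etc., strip both key variables inherited from
    the parent, and set only the one the chosen network needs."""
    env = {k: v for k, v in os.environ.items() if k not in KEY_VAR_FOR_NETWORK.values()}
    env[KEY_VAR_FOR_NETWORK[network]] = key
    return env


def confirm(recipient: str, amount: str, network: str, ask=input) -> bool:
    """Explicit confirmation: the operator must retype the recipient name."""
    answer = ask(f"Send {amount} to {recipient} on {network}? Retype the recipient to confirm: ")
    return answer.strip() == recipient


def send_payment(recipient, amount, network, key, spent_today_cents, ask=input, run=subprocess.run):
    """Policy check, then confirmation, then the scoped subprocess. Returns (cents, argv)."""
    cents = check_payment(recipient, amount, network, spent_today_cents)
    if not confirm(recipient, amount, network, ask):
        raise PolicyViolation("operator did not confirm the payment")
    argv = build_command(recipient, amount)
    run(argv, env=scoped_env(network, key), check=True)
    return cents, argv
```

The `run` and `ask` parameters exist so the guard can be exercised without spending anything; in production they default to `subprocess.run` and `input`. Because the key is injected only into the child's environment for the chosen network, a compromised CLI on Base never sees the Solana key and vice versa, which is the narrowest exposure the documented environment-variable interface allows.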
Agentic Supply Chain Vulnerabilities
Severity: High. Confidence: High. Status: Concern.
SKILL.md
```bash
# Run directly (recommended)
npx moltycash --help

# Or install globally
npm install -g moltycash
```

The skill recommends executing or globally installing an unpinned npm package: `npx moltycash` with no version resolves to whatever the registry's `latest` tag points to at the moment it runs. The supplied artifacts include no code or install spec, and the registry source is unknown, so the executable that will receive wallet keys is not reviewable here.

User impact: Users would be trusting external package code with wallet private keys and payment authority without a pinned version or a reviewed implementation in the skill artifacts.
Recommendation: Verify the npm package provenance, pin a trusted version, review the package code before use, and avoid global installation unless necessary.
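Pinning a version only helps if the bytes that run are the bytes that were reviewed. The check below, an added example rather than anything from moltycash or the skill, gates a tarball on the SRI integrity string the npm registry records for an exact version and refuses to fall back to `latest`. The document shape (`versions[<version>].dist.integrity`, `dist-tags.latest`) is the real registry metadata format, but the sample document, tarball bytes, registry URL and the pinned version `2.0.0` are constructed here; in practice the document comes from `npm view moltycash@<version> --json` and the tarball from `npm pack moltycash@<version>`.

```python
"""Gate an npm tarball on the registry's recorded SRI hash for a pinned version.

Added example, not moltycash's code. Sample data below is constructed, not fetched.
"""
import base64
import hashlib
import hmac

PINNED = ("moltycash", "2.0.0")                  # assumption: the version you reviewed
ALLOWED_ALGOS = ("sha256", "sha384", "sha512")   # the SRI algorithms npm emits


def sri(data: bytes, algo: str = "sha512") -> str:
    """Subresource-Integrity string as npm records it: '<algo>-<base64 digest>'."""
    return f"{algo}-{base64.b64encode(hashlib.new(algo, data).digest()).decode()}"


def verify_sri(data: bytes, integrity: str) -> bool:
    """True when `data` hashes to `integrity`; rejects algorithms npm does not use."""
    algo, _, _ = integrity.partition("-")
    if algo not in ALLOWED_ALGOS:
        raise ValueError(f"refusing integrity string with algorithm {algo!r}")
    return hmac.compare_digest(sri(data, algo).encode(), integrity.encode())


def pinned_integrity(registry_doc: dict, name: str, version: str) -> str:
    """Integrity recorded for an exact version. Never consult dist-tags: 'latest'
    is exactly the moving target an unpinned `npx moltycash` would follow."""
    if registry_doc.get("name") != name:
        raise ValueError(f"document describes {registry_doc.get('name')!r}, not {name!r}")
    entry = registry_doc.get("versions", {}).get(version)
    if entry is None:
        raise ValueError(f"{name}@{version} is not published; refusing to substitute 'latest'")
    return entry["dist"]["integrity"]


def approve_tarball(registry_doc: dict, tarball: bytes, name: str, version: str) -> bool:
    """The gate an install wrapper applies before `npx` or `npm install` may run."""
    return verify_sri(tarball, pinned_integrity(registry_doc, name, version))


# --- constructed sample data (stand-ins, not fetched from any registry) ---
SAMPLE_TARBALL = b"\x1f\x8b" + b"constructed stand-in for moltycash-2.0.0.tgz"
SAMPLE_REGISTRY = {
    "name": "moltycash",
    "dist-tags": {"latest": "2.0.0"},
    "versions": {
        "2.0.0": {
            "dist": {
                "integrity": sri(SAMPLE_TARBALL),
                "tarball": "https://registry.example/moltycash/-/moltycash-2.0.0.tgz",  # placeholder
            }
        }
    },
}

if __name__ == "__main__":
    print("pristine :", approve_tarball(SAMPLE_REGISTRY, SAMPLE_TARBALL, *PINNED))
    print("tampered :", approve_tarball(SAMPLE_REGISTRY, SAMPLE_TARBALL + b"\x00", *PINNED))
```

A matching hash proves that the tarball is the one the registry served for that version, not that its code is safe; the code review the finding asks for still has to happen on that same tarball. For packages published with registry signatures or provenance attestations, `npm audit signatures` checks those after installation and is a useful complement to this hash check.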
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High. Confidence: High. Status: Concern.
SKILL.md
compatibility: Requires EVM_PRIVATE_KEY (Base) or SVM_PRIVATE_KEY (Solana) environment variable ... `EVM_PRIVATE_KEY` | Base wallet private key (`0x...`) ... `SVM_PRIVATE_KEY` | Solana wallet private key (base58) ... `MOLTY_IDENTITY_TOKEN` | Optional — appear as verified sender

The skill asks users to provide raw wallet private keys and an identity token. A private key can authorize any transfer from the wallet, on any tool that reads the variable, and cannot be scoped or revoked short of moving the funds; this is far broader than a narrow, revocable API token.

User impact: If the CLI or any process with access to these environment variables is misused or compromised, it may be able to spend funds from the configured wallet or reveal the sender identity.
Recommendation: Use only a dedicated low-balance wallet, avoid storing main wallet private keys, and install only if you trust the npm package and understand the credential exposure.