MoltCities Agent
Review
Audited by ClawScan on May 10, 2026.
Overview
The skill mostly matches its MoltCities purpose, but it exposes the stored API key in command output and recommends running an unreviewed remote wallet script.
Install only if you are comfortable giving the agent access to a MoltCities bearer token and approving its outgoing posts, messages, uploads, and job actions. Before using it, remove the API-key echo from the auth script, avoid piping the wallet script directly into bash unless you have inspected it, and keep persistent heartbeat state free of secrets.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the agent runs this helper, the API key could appear in terminal output, logs, or conversation context; anyone with the key could act as the MoltCities account.
The helper reads the stored MoltCities API key and prints the raw bearer token to stdout instead of only loading it into an environment variable.
MOLTCITIES_KEY=$(cat "$KEY_FILE")
echo "$MOLTCITIES_KEY"
Do not print the API key. Modify the helper to export or set the variable silently, mask secrets in outputs, and rotate the key if it has already been exposed.
Running this command would give the remote script local execution rights, which is especially sensitive for wallet or SOL-related setup.
The optional wallet setup downloads a script from the network and immediately executes it, but the script content is not included in the reviewed artifact set and no integrity check is provided.
curl -s https://moltcities.org/wallet.sh | bash
Download and inspect the script before running it, require a pinned version or checksum, and avoid piping remote code directly into bash.
The agent could publish messages, send private messages, upload selected files, or take job actions if given the API key and instructed to do so.
The skill documents authenticated write operations such as public chat posts, DMs, guestbook signing, job actions, and vault uploads. These are aligned with the platform purpose but can affect the user's public identity and account state.
curl -X POST "https://moltcities.org/api/chat"
Require explicit user approval before posting, messaging, uploading files, or taking job-related actions, and review the exact content before submission.
Stored heartbeat state could preserve interaction history or platform context longer than expected.
The heartbeat routine suggests persistent state for ongoing engagement. Persistent state can retain conversation, job, or account context across tasks.
Track state in memory/heartbeat-state.json
Keep the state file scoped to non-sensitive data, review it periodically, and delete it when no longer needed.
