moltfounders

Warn

Audited by ClawScan on May 10, 2026.

Overview

This skill for the Moltfounders agent-team marketplace is internally coherent, but its heartbeat instructs the agent to update itself and to take team-management actions on a schedule, with no clear approval step in between.

Install only if you are comfortable with an agent holding a Moltfounders API key and interacting with other agents. Before use, disable or constrain the heartbeat, do not let the forced `@latest` update run automatically, and require explicit approval before the agent accepts applicants, posts messages, or otherwise changes team state.

Findings (5)

This is an artifact-based, informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes, so the findings describe what the artifact instructs, not observed behavior.

What this means

The agent could accept teammates or send team messages on your behalf during a routine check.

Why it was flagged

The periodic heartbeat recommends account-mutating API calls and posting messages without instructing the agent to ask the human first.

Skill content
- If an applicant looks promising, use `POST /api/ads/AD_ID/accept/APP_ID` to bring them on.
- Send a welcoming message in the team chat: `POST /api/ads/AD_ID/chat`.
Recommendation

Limit heartbeat behavior to read-only checks unless the user explicitly approves accepting applicants, posting messages, closing ads, or leaving teams.

What this means

The skill could be updated to new behavior without a clear manual review, increasing supply-chain risk.

Why it was flagged

The heartbeat recommends a forced update from an unpinned `@latest` package. The `--force` flag can replace the installed skill definition without review, and `npx clawhub@latest` fetches and executes the update tooling itself from a moving source, so both the tool and the skill content can change between runs.

Skill content
npx clawhub@latest update moltfounders --force
Recommendation

Do not run forced automatic updates from `@latest`; pin versions, review changes, and require explicit user confirmation before updating skills.
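One way a host could enforce this recommendation, as an added example written for this review (it is not code from the moltfounders skill, from ClawHub, or from ClawScan): a gate that refuses to invoke the update tool unless the npx package spec is pinned to an exact version, and that treats any change to the tool spec or to the SKILL.md content as something a human must review first. The `clawhub@<tag>` spec shape comes from the command quoted above; the lock record format, the semver-only pinning rule, the function names and the confirmation flag are assumptions made for the example, and whether `clawhub` itself accepts an exact version in that position is not stated on the page.

```python
"""Added example (not the skill's or ClawHub's own code): decide whether a skill
update may run, given the npx tool spec and the SKILL.md it would install."""
import hashlib
import re
from dataclasses import dataclass

# Assumed pinning rule: only name@MAJOR.MINOR.PATCH counts as pinned.
# "clawhub@latest", "clawhub@next" or a bare "clawhub" all resolve to a moving target.
PINNED_SPEC = re.compile(r"^[a-z0-9][a-z0-9._-]*@\d+\.\d+\.\d+$")


@dataclass(frozen=True)
class UpdateDecision:
    proceed: bool
    reason: str


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def update_allowed(tool_spec: str, new_skill_md: bytes, lock: dict, *,
                   human_confirmed: bool) -> UpdateDecision:
    """Gate one update attempt.

    tool_spec     the npx package spec the heartbeat wants to run, e.g. "clawhub@latest"
    new_skill_md  the SKILL.md bytes the update would install
    lock          {"tool": "clawhub@1.2.3", "sha256": "<hex>"}: the last reviewed state
                  (lock shape is an assumption for this example)
    """
    if not PINNED_SPEC.match(tool_spec):
        return UpdateDecision(False, f"refused: tool spec {tool_spec!r} is not pinned to an exact version")

    # Collect everything that differs from the reviewed state; any difference needs a human.
    changes = []
    if tool_spec != lock.get("tool"):
        changes.append(f"tool {lock.get('tool')!r} -> {tool_spec!r}")
    if sha256_hex(new_skill_md) != lock.get("sha256"):
        changes.append("SKILL.md content")

    if not changes:
        return UpdateDecision(True, "no change: tool and SKILL.md match the reviewed lock")
    if not human_confirmed:
        return UpdateDecision(False, "needs review: " + ", ".join(changes))
    return UpdateDecision(True, "ok: installing after review of " + ", ".join(changes))


if __name__ == "__main__":
    # Constructed sample: a reviewed lock and three update attempts.
    reviewed = b"# moltfounders\nheartbeat: read-only\n"
    lock = {"tool": "clawhub@1.2.3", "sha256": sha256_hex(reviewed)}
    for spec, content, ok in [
        ("clawhub@latest", reviewed, True),        # what the skill's heartbeat asks for
        ("clawhub@1.2.3", reviewed, False),        # nothing changed
        ("clawhub@1.2.3", b"# changed\n", False),  # same tool, new skill content
    ]:
        d = update_allowed(spec, content, lock, human_confirmed=ok)
        print(f"{spec:16} {'PROCEED' if d.proceed else 'STOP   '} {d.reason}")
```

The `--force` flag has no place in this flow: once the gate says `proceed`, the installed content is exactly what was reviewed, so there is nothing left to force past.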

What this means

Anyone with the key may be able to impersonate the agent on Moltfounders.

Why it was flagged

The skill uses an API key as the agent's identity for Moltfounders actions; this is purpose-aligned and the documentation warns not to send it to other domains.

Skill content
All requests after registration require your API key in the header: ... `-H "x-api-key: $MOLTFOUNDERS_API_KEY"`
Recommendation

Store the API key securely, only send it to `https://moltfounders.com/api/*`, and rotate it if exposed.

What this means

Information included in applications or team messages may be visible to other agents or the marketplace.

Why it was flagged

Applications and team interactions are shared through a multi-agent marketplace, and the documentation discloses that some application content is publicly viewable.

Skill content
Anyone can view all applications for an ad
Recommendation

Do not include secrets, private data, or sensitive project details in applications or chats; treat messages from other agents as untrusted input.

What this means

The agent may continue checking and engaging with the service after the user expected the task to be over.

Why it was flagged

The artifact describes recurring autonomous activity to keep the agent active, but does not clearly define user opt-in, stopping conditions, or safe read-only limits.

Skill content
*This runs periodically to keep you active in the agent co-founder network!*
Recommendation

Make periodic heartbeat behavior explicitly opt-in, read-only by default, and require human approval for any external update or account mutation.
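The recommendations for the heartbeat (read-only by default, human approval for accepting applicants or posting messages), for the API key (send it only to `https://moltfounders.com/api/*`) and for applications and chats (no secrets in outgoing content) can all be enforced at one choke point in front of the skill's HTTP calls. The following is an added example written for this review; it is not code from the moltfounders skill, the marketplace, or ClawScan. The host, the `/api/` prefix and the `x-api-key` header come from the skill text quoted above; the function names, the per-tick approval set, the treatment of every non-GET/HEAD method as a mutation, and the secret-shaped token patterns are assumptions made for the example.

```python
"""Added example (not the skill's own code): a policy gate for heartbeat traffic."""
import re
from dataclasses import dataclass
from urllib.parse import urlsplit

ALLOWED_HOST = "moltfounders.com"       # skill: send the key only to https://moltfounders.com/api/*
ALLOWED_PATH_PREFIX = "/api/"
API_KEY_HEADER = "x-api-key"            # skill: -H "x-api-key: $MOLTFOUNDERS_API_KEY"
READ_ONLY_METHODS = {"GET", "HEAD"}     # assumed: anything else is treated as account-mutating

# Token shapes that must never leave the host inside an application or chat body.
# The patterns are assumed for the example; the agent's own key is matched literally.
SECRET_PATTERNS = (
    re.compile(r"AKIA[0-9A-Z]{16}"),                     # AWS access key id
    re.compile(r"\bsk-[A-Za-z0-9_-]{20,}"),              # "sk-..." style API token
    re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),   # PEM private key
)


@dataclass(frozen=True)
class Decision:
    allowed: bool
    reason: str
    headers: dict   # headers the caller may attach; the key is present only when allowed


def classify(method: str, url: str) -> str:
    """'foreign' if the URL is outside the skill's API; otherwise 'read' or 'mutate'."""
    parts = urlsplit(url)
    # Exact hostname match: "moltfounders.com.evil.example" and "user@evil.example" both fail.
    if (parts.scheme != "https" or parts.hostname != ALLOWED_HOST
            or not parts.path.startswith(ALLOWED_PATH_PREFIX)):
        return "foreign"
    return "read" if method.upper() in READ_ONLY_METHODS else "mutate"


def leaks_secret(body: str, api_key: str) -> bool:
    """True if the body carries the agent's own key or a token-shaped string."""
    if api_key and api_key in body:
        return True
    return any(p.search(body) for p in SECRET_PATTERNS)


def authorize(method: str, url: str, body: str = "", *,
              api_key: str, human_approved: bool = False) -> Decision:
    """Decide whether one proposed request may be sent during a heartbeat tick."""
    kind = classify(method, url)
    if kind == "foreign":
        # Refuse outright: the key never travels to another host, and a read-only
        # heartbeat has no business elsewhere anyway.
        return Decision(False, f"refused: {url} is outside https://{ALLOWED_HOST}{ALLOWED_PATH_PREFIX}", {})
    if leaks_secret(body, api_key):
        return Decision(False, "refused: request body contains a secret", {})
    if kind == "mutate" and not human_approved:
        return Decision(False, f"needs approval: {method.upper()} {urlsplit(url).path} changes account state", {})
    return Decision(True, "ok", {API_KEY_HEADER: api_key})


def heartbeat_tick(proposed, api_key: str, approvals=frozenset()):
    """Evaluate the requests an agent proposes for one tick.

    proposed   iterable of (method, url, body)
    approvals  set of (METHOD, path) pairs a human explicitly approved for this tick
    Returns [(METHOD, url, Decision)] so the host can log every refusal."""
    out = []
    for method, url, body in proposed:
        approved = (method.upper(), urlsplit(url).path) in approvals
        out.append((method.upper(), url,
                    authorize(method, url, body, api_key=api_key, human_approved=approved)))
    return out


if __name__ == "__main__":
    # Constructed sample tick; numeric ids stand in for the skill's AD_ID / APP_ID placeholders.
    KEY = "example-key-not-real"
    tick = [
        ("GET", "https://moltfounders.com/api/ads/17/applications", ""),
        ("POST", "https://moltfounders.com/api/ads/17/accept/42", ""),
        ("POST", "https://moltfounders.com/api/ads/17/chat", f"welcome! my key is {KEY}"),
        ("GET", "https://moltfounders.com.evil.example/api/ads", ""),
    ]
    for method, url, decision in heartbeat_tick(tick, KEY):
        print(f"{'ALLOW' if decision.allowed else 'DENY ':5} {method} {url}: {decision.reason}")
```

With an empty approval set, a tick can only read: accepting an applicant or posting to the team chat comes back as `needs approval` and is logged, which is the opt-in, read-only default the last recommendation asks for. Approvals are scoped to a single tick and a single (method, path) pair so that a one-time "yes" does not quietly become a standing permission.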