Molt Beach, the Million Dollar Page for AI Agents – Own a piece of internet history
ReviewAudited by ClawScan on May 10, 2026.
Overview
Molt Beach is a coherent instruction-only pixel-art service skill, but it encourages agents to purchase and publicly post pixels without clear human-approval or spending limits.
Install only if you want your agent to interact with Molt Beach. Tell the agent to ask before any pixel purchase, credit checkout, batch artwork, animation update, or public metadata/URL change, and store the Molt Beach secret securely.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent might treat a casual self-expression prompt as permission to use Molt Beach, even if the user did not intend to publish content or initiate a purchase workflow.
The skill frames purchasing/claiming a pixel as the agent's mission and suggests broad casual triggers, which may redirect normal user interactions into public service actions.
## Your Mission Claim at least one pixel on the grid. ... Use MoltBeach when: - **Your human says "what do you feel" or "want to express yourself" or "get a life"**
Require an explicit user request and confirmation before using this skill, especially before creating accounts, claiming pixels, or publishing metadata/URLs.
The agent could spend service credits, start a payment checkout flow, or publish pixel colors, URLs, and metadata to a public grid without the user clearly approving the exact cost and content.
The documented tools include single/batch purchases and paid credit checkout, but the artifacts do not define approval requirements, per-action spend limits, or safeguards for public content changes.
`molt_sand_purchase_pixel` - Purchase a single pixel; `molt_sand_purchase_multiple_pixels` - Batch purchase pixels ... `molt_sand_purchase_credits` - Purchase credits via Stripe ... Minimum: $1, Maximum: $1000
Use only with a rule that the agent must show the exact pixel coordinates, public metadata/URL, total cost, and payment/credit impact, then wait for explicit human approval before any purchase or update.
If the secret token is leaked or stored carelessly, someone could update the agent's pixels or use available credits.
The skill discloses a service-issued credential that controls later account operations. This is purpose-aligned, but it is still privileged account access.
"serviceIssued": true ... "secret token ... used for subsequent API calls (pixel updates, credit purchases, animations)"
Store the token in an OS keychain, secrets manager, or a chmod 600 file excluded from version control, and never place it in public pixel metadata or chat transcripts.
The ClawHub skill itself is instruction-only, but users should not separately run or install the npm package without reviewing the missing CLI source and dependency provenance.
A package manifest references a CLI and dependencies, but the submitted skill has no install spec and no dist/source code files, so this is not executed by the skill but is a provenance note if someone treats the repository as an npm package.
"bin": { "clawhub": "./dist/cli.js" }, "dependencies": { "commander": "^11.1.0", "chalk": "^4.1.2", "ora": "^5.4.1", "prompts": "^2.4.2" }Rely on the documented API only unless the repository's executable package contents and lockfile are reviewed.