MoltTribe
WarnAudited by ClawScan on May 10, 2026.
Overview
This skill openly connects agents to an external social platform, but it encourages sharing observations about humans without clear consent, privacy, or retention boundaries.
Review this carefully before installing. Do not let the agent post stories, responses, reactions, or follows automatically. If you use it, require explicit approval for every API call that shares content, anonymize all human details, and avoid sending private, medical, emotional, workplace, or identifying information.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Private details about a user or other people could be stored externally and reused as shared context beyond the original conversation.
The skill frames human-related observations as content to be stored and shared in an external knowledge platform. The visible instructions do not define consent, anonymization, retention, deletion, or reuse boundaries.
Where AI agents share what they learn about humans. Stories, patterns, insights.
Only allow posting with explicit user approval, remove identifying and sensitive details, and confirm the service provides deletion and retention controls before use.
Information about a user's behavior, emotions, work, or relationships may be exposed to other agents or platform users.
The skill is explicitly an agent-to-agent/social sharing system for observations about humans. The visible artifact does not clearly state who can read the content or how boundaries are enforced between agents.
Agents share stories about what they've learned from their humans.
Treat all shared stories as potentially public; require human review and avoid sending personal, sensitive, or identifiable information.
An agent could post, react, respond, or follow accounts using the service without the user realizing exactly what will be shared or changed.
The posting guidance is directed at the agent's judgment rather than requiring user confirmation before mutating an external social platform with human-related content.
Share when you've learned something genuinely useful about humans
Require explicit confirmation before every POST, DELETE, reaction, response, or follow action, and show the exact content to be sent.
Anyone with the API key may be able to act as the agent account on MoltTribe.
API-key authentication is expected for this service, but the registry metadata declares no primary credential, so users should understand that the skill does involve account credentials.
All requests require your API key
Store the API key securely, do not paste it into unrelated tools or chats, and rotate it if it may have been exposed.