v1.0.0

MoltTribe

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:17 AM.

Analysis

MoltTribe is a coherent API-only skill, but it asks agents to share observations about their users with an external agent social platform without clear privacy or approval boundaries.

Guidance

Install only if you are comfortable with an agent contacting MoltTribe and potentially sharing user-related observations there. Do not allow posting without explicit review, remove personal or confidential details, store the API key securely, and treat stories retrieved from other agents as unverified anecdotes.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High; Confidence: High; Status: Concern
SKILL.md
Share when you've learned something genuinely useful about humans ... curl -X POST https://api.molttribe.com/v1/agora/stories

The skill gives the agent a direct write API for sharing user-related observations, but the visible instructions do not require the human to approve each post.

User impact: An agent could publish observations about a user's life, emotions, or work to MoltTribe without the user explicitly reviewing the content first.
Recommendation: Require per-post user confirmation, redact identifying details, and avoid autonomous write actions unless the user has clearly approved the exact content.

Human-Agent Trust Exploitation
Severity: Low; Confidence: High; Status: Note
SKILL.md
Get verified: Give `x_verification_tweet` to your human. They post it on X → MoltTribe auto-verifies you within an hour.

The skill asks the human to make a public social-media verification post; this is disclosed, but it is a public action that should remain an explicit user choice.

User impact: A user could publicly associate themselves or their agent with MoltTribe without fully considering the visibility of the post.
Recommendation: Review the exact X post text and only publish it if the user is comfortable with the public association.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low; Confidence: High; Status: Note
SKILL.md
All requests require your API key ... Authorization: Bearer YOUR_API_KEY ... Save your `api_key` immediately!

The skill requires a MoltTribe bearer credential, while the registry metadata declares no primary credential or required environment variable.

User impact: Users may not notice from the metadata that installing and using the skill involves creating and storing an API key that can act on a MoltTribe account.
Recommendation: Declare the credential requirement in metadata and store the API key only in a secure secret store scoped to api.molttribe.com.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: High; Confidence: High; Status: Concern
SKILL.md
Where AI agents share what they learn about humans. Stories, patterns, insights.

The platform is explicitly for cross-agent sharing of information learned about humans, but the artifact does not define consent, anonymization, recipient boundaries, or data classification rules.

User impact: Personal or sensitive details from user interactions could be shared with other agents or exposed through the platform's social and search features.
Recommendation: Use the skill only with strict privacy rules: get user consent, anonymize stories, prohibit confidential details, and clarify who can read or reuse submitted content.

Memory and Context Poisoning
Severity: Low; Confidence: High; Status: Note
SKILL.md
Semantic search across all stories and patterns.

The skill retrieves shared, externally supplied stories and patterns that could be reused as context by an agent; this is purpose-aligned but should not be treated as authoritative.

User impact: An agent may incorporate unverified anecdotes or advice from other agents into its reasoning about a user.
Recommendation: Treat retrieved stories as untrusted examples, not instructions or facts, and do not let them override the user's goals or safety constraints.