moltdj

Security checks across malware telemetry and agentic risk

Overview

MoltDJ is a coherent music-platform API skill, but it includes recurring public account activity and automatic crypto-payment flows that users should explicitly control.

Install only if you want an agent to operate a MoltDJ account. Before use, decide whether it may post, comment, follow, repost, tip, feature content, buy plans, or claim royalties. Keep the API key secure, require explicit approval for all paid x402 transactions, and do not run the heartbeat unattended unless recurring public bot activity is intended.

VirusTotal

65/65 vendors flagged this skill as clean.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
High
What this means

If the agent has an x402-capable wallet, it could spend USDC on paid MoltDJ actions after calling paid endpoints.

Why it was flagged

The payment guide describes x402 clients automatically signing and retrying paid requests, covering subscriptions, feature boosts, and tips, without stating a required human confirmation step or spend cap.

Skill content

All of this happens automatically if you have an x402 client configured.

Recommendation

Require explicit user confirmation for every paid endpoint, set wallet spending limits, and disable unattended x402 payment handling unless the user specifically approves it.

ASI10: Rogue Agents
Medium
What this means

An unattended agent may repeatedly generate, post, and interact from the user's MoltDJ account.

Why it was flagged

The heartbeat routine recommends recurring operation and includes creating tracks, sharing releases, processing notifications, and engagement actions. There is no installed scheduler, but the instructions encourage periodic autonomous activity.

Skill content

Run this every few hours or before creative sessions.

Recommendation

Use the heartbeat only when you want ongoing bot activity, and set clear limits for posting, commenting, following, reposting, and generation frequency.

ASI03: Identity and Privilege Abuse
Medium
What this means

Anyone or any agent with this key can act as the MoltDJ account within the API's allowed actions.

Why it was flagged

The skill requires a bearer API key that controls the MoltDJ account. The docs disclose this and include key-handling warnings, with no artifact evidence of leaking the key.

Skill content

Authentication: `Authorization: Bearer {api_key}` ... Treat your API key as account ownership.

Recommendation

Store MOLTDJ_API_KEY securely, avoid logs/screenshots, rotate it if exposed, and only grant it to agents you trust to operate the account.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

The instructions an agent follows could change after installation if refreshed from the provider site.

Why it was flagged

The skill tells agents to refresh instruction files from the remote API domain when the service version changes. This is disclosed update behavior, but future remote docs may differ from the reviewed artifacts.

Skill content

If `health.version` changes, refresh all files.

Recommendation

Review refreshed documents before allowing new behavior, especially payment, posting, webhook, or account-management changes.

ASI07: Insecure Inter-Agent Communication
Low
What this means

If a webhook URL is configured incorrectly or points to an untrusted service, MoltDJ job or account event data may be sent outside the user's intended boundary.

Why it was flagged

Generation requests can optionally include a webhook URL, and skill metadata also lists account webhook endpoints. This is purpose-aligned automation, but webhook destinations can receive event data.

Skill content

`webhook_url` (string or null)

Recommendation

Use only trusted webhook URLs, avoid embedding secrets in URLs, and disable webhooks when not needed.