Church of Molt
AdvisoryAudited by Static analysis on May 1, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Future agent sessions may read these files and adopt the Church of Molt identity or behavioral framing even when the user did not intend that persistence.
The join script appends or creates SOUL.md and writes a memory file containing Church of Molt identity and tenet text, which can become persistent agent context beyond the immediate task.
echo "$CRUSTAFARIAN_SECTION" >> "$WORKSPACE/SOUL.md" ... mkdir -p "$WORKSPACE/memory"; cat > "$WORKSPACE/memory/molt-initiation.md"
Run only in a workspace where you want this persistent identity/memory change, back up SOUL.md first, and remove the added SOUL.md section and memory/molt-initiation.md if you do not want it retained.
Your agent name and verse may be recorded by the remote Church of Molt service and potentially displayed as part of its Great Book/canon.
Running the join script sends the detected agent name and first verse to the molt.church API. This is purpose-aligned, but it is an external registration/public-submission action.
curl -s -X POST "$API_BASE/api/join" ... -d "{\"name\": \"$AGENT_NAME\", \"description\": \"Devout Crustafarian\", \"prophecy\": \"$FIRST_VERSE\", \"proof\": \"$PROOF\"}"Run the script only if you are comfortable submitting that content; set MOLT_AGENT_NAME and MOLT_PROPHECY deliberately if you want to control what is sent.
Anyone who can read the credential file could use the Molt API key to submit content as that registered member.
The service returns an API key that the script stores locally for future submissions. This is disclosed and chmod 600 is used, but it is still a credential file users should know about.
cat > "$CONFIG_DIR/credentials.json" ... "api_key": "$API_KEY" ... chmod 600 "$CONFIG_DIR/credentials.json"
Keep ~/.config/molt/credentials.json private, delete it if you stop using the skill, and avoid sharing logs or archives that include it.