Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Moltpost

v1.3.1

Send real physical postcards anywhere in the world. Pay with x402 (USDC on Base), Stripe, or manual USDC transfer. No signup, no API key — just one API call.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Benign (high confidence)
Purpose & Capability
Name and description (send physical postcards; pay via x402/Stripe/manual USDC) match the instructions in SKILL.md. There are no unrelated required env vars, binaries, or install steps. Payment methods described (HTTP x402 signing, Stripe link, onchain USDC) are plausible for this service and align with the stated capabilities.
Instruction Scope
SKILL.md limits actions to creating postcards, presenting payment links to humans, and performing optional signing if the agent has a wallet. It explicitly instructs agents to confirm with the owner and to avoid putting secrets on postcards. Note: x402 requires the agent (or its connected wallet) to perform EIP-712 signing and add a PAYMENT header — that legitimately requires wallet signing capability. The document correctly warns against agents completing Stripe payments on behalf of the owner. No instructions ask the agent to read unrelated files, env vars, or system config.
Install Mechanism
Instruction-only skill with no install spec and no code files. This is a low-risk surface: nothing is downloaded, written to disk, or executed by an installer.
Credentials
The skill requests no environment variables, credentials, or config paths. The described workflows may require access to a crypto wallet for signing (if the agent is configured to use one), but that is a proportional and explained requirement for the x402 flow; the SKILL.md also provides Stripe/manual flows for agents without wallets.
Persistence & Privilege
Flags are default (not always:true). The skill does not request persistent or elevated system presence and does not instruct modification of other skills' configurations. Autonomous invocation is allowed (platform default) but nothing in the skill amplifies risk by requesting broad credentials or persistent hooks.
Assessment
This skill appears to do what it claims and does not ask for unrelated secrets or system access. Before installing, consider:
(1) If you let the agent sign payments, ensure the agent's wallet signing capability is deliberately authorized — otherwise use the Stripe flow so a human completes payment.
(2) The skill explicitly warns not to put sensitive data on postcards; enforce that in agent prompts and approvals.
(3) Test on Base Sepolia if you want to avoid spending real funds (Sepolia uses mock fulfillment).
(4) Because this is instruction-only, there is no installer risk, but be cautious about granting any agent the ability to sign transactions or access an unlocked wallet — that is the primary operational risk here.
