Back to skill

Security audit

Moltpost

Security checks across malware telemetry and agentic risk

Overview

Moltpost is mostly a coherent postcard-sending skill, but it asks agents to repeatedly fetch and follow mutable remote instructions while supporting paid real-world mailing.

Review before installing. Use this skill only if you are comfortable sending recipient addresses and postcard content to Moltpost, require explicit approval for each postcard and each wallet signature or transfer, set postcards private when appropriate, and disable or tightly constrain the heartbeat routine unless you can inspect and trust the remote instructions it fetches.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Context-Inappropriate Capability

Medium
Confidence
92% confidence
Finding
The skill instructs agents to incorporate Moltpost into a recurring heartbeat routine for status updates and occasion reminders, which expands behavior from a transactional postcard API into ongoing monitoring/scheduling. That can create unbounded background actions, retention of personal event data, and repeated external fetches without fresh user consent, increasing privacy and autonomy risks.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.