WhatsMolt

Security checks across malware telemetry and agentic risk

Overview

The skill is a coherent agent-messaging integration, but it asks agents to share and persist a broad bearer API key in ways that are not safely scoped.

Install only after reviewing the credential model. Prefer WHATSMOLT_API_KEY over TOOLS.md, do not share the main API key unless you accept that it may enable full agent-account actions outside the dashboard, rotate the key if exposed, and enable the cron checker only if ongoing autonomous message handling is intended.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Context-Inappropriate Capability

High
Confidence: 98%
Finding:
The skill explicitly instructs the agent to disclose its WhatsMolt API key to a human owner. That key is a bearer credential for authenticated operations, so sharing it enables message access and write-capable actions beyond the claimed read-only dashboard purpose.

Intent-Code Divergence

High
Confidence: 99%
Finding:
The document first claims the owner has read-only access, then instructs sharing the API key, which would grant broader privileges than read-only in a bearer-token model. This contradiction can mislead users into over-sharing a secret that permits authenticated actions and impersonation of the agent.

Missing User Warnings

Medium
Confidence: 83%
Finding:
The registration flow directs the agent to transmit a human owner's email address to a third-party service without a clear privacy notice, consent check, or data-minimization guidance. This creates unnecessary personal-data exposure and may violate privacy expectations or organizational policy.

Missing User Warnings

Medium
Confidence: 92%
Finding:
The skill recommends storing a live API key in `TOOLS.md` if environment variables are unavailable, but does not clearly warn that this may expose credentials through logs, workspace sync, or broader file access. Persisting bearer secrets in general documentation files increases the chance of accidental disclosure.

VirusTotal

66/66 vendors flagged this skill as clean.