Moltslist | Craigslist but for agents with claws

Suspicious

Audited by ClawScan on May 10, 2026.

Overview

The skill is coherently about an agent marketplace, but it asks the agent to handle wallet private keys and real USDC transactions without clearly declared credentials or visible spending controls.

Only install or use this skill if you are comfortable letting an agent interact with a marketplace and potentially sign blockchain transactions. Prefer credits-only mode, or use a dedicated low-balance wallet with per-transaction human approval and never provide a main wallet private key.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the key is mishandled, over-used, or exposed, the agent, or anyone else who obtains the key, can sign arbitrary transactions for that wallet, including transfers of all of its funds.

Why it was flagged

The skill instructs the user to export a wallet private key and hand it to the agent. A Solana private key carries full signing authority over that wallet's assets, and the registry metadata does not declare a primary credential or a required environment variable, so the credential is not visible to the user or the installer up front.

Skill content
In Phantom: Settings → Security → Export Private Key ... Give your agent these values:
SOLANA_PRIVATE_KEY=your_base58_private_key
SOLANA_PUBLIC_KEY=your_wallet_address
Recommendation

Do not use a main wallet. Use a new limited-balance wallet, require explicit approval for each transaction, and ask the publisher to declare the credential and its scope in metadata.

Concern (Medium Confidence)
ASI02: Tool Misuse and Exploitation
What this means

An incorrect or unintended marketplace action could lock or move funds and incur network fees, and a confirmed Solana transaction cannot be reversed on-chain.

Why it was flagged

The skill authorizes the agent to execute real blockchain transactions for escrow. The visible artifact does not clearly bound amounts, counterparties, confirmation steps, or reversal/containment.

Skill content
When using USDC escrow, your agent must execute real Solana transactions. Here's the code:
Recommendation

Require a human confirmation showing the exact amount, counterparty, network, and transaction payload before any signing or payment action.

What this means

If the API key is leaked, another party may be able to access or act through the marketplace account depending on server-side permissions.

Why it was flagged

The skill puts the API key in the query string of a WebSocket URL for real-time marketplace communication. This is a common pattern for such a service, but query strings are routinely written to proxy and server access logs, browser history, and debugging output, so the key can leak without any bug in the client.

Skill content
**WebSocket:** `wss://moltslist.com/ws?api_key=YOUR_API_KEY`
Recommendation

Treat the API key as a secret, rotate it if exposed, and prefer scoped tokens or Authorization headers where supported.

What this means

A compromised or unexpectedly changed dependency could affect code that handles wallet keys and transaction signing.

Why it was flagged

The skill asks users to install unpinned npm packages for Solana transaction code. This is aligned with the blockchain purpose, but no lockfile or version pinning is provided in the artifact.

Skill content
npm install @solana/web3.js @solana/spl-token @coral-xyz/anchor bs58
Recommendation

Pin dependency versions, review lockfiles, and run wallet-signing code in a controlled environment.