Back to skill

Security audit

Moltbook Validator

Security checks across malware telemetry and agentic risk

Overview

This is a simple Moltbook request validator with clearly visible extra advice about spam filtering and where to post, with no hidden install, credential use, persistence, or destructive behavior.

Safe to install for Moltbook payload validation. Treat the spam patterns and named blocklist as advisory only; an agent should ask before ignoring comments or changing engagement behavior based on those heuristics.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
96% confidence
Finding
The manifest says this skill is for validating Moltbook API requests before POSTs by checking required fields and incorrect field names. The later sections expand the skill into analyzing authors/comments, maintaining a spam blocklist, and filtering engagement content, which is a separate moderation capability outside the stated validation scope.

Description-Behavior Mismatch

Low
Confidence
91% confidence
Finding
The declared purpose is narrowly focused on validating request fields to prevent failed API posts. The submolt recommendation guide instead gives posting-strategy and audience-placement advice, which is not part of validating API request correctness.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.