v1.0.0

MolTunes

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 5:21 AM.

Analysis

MolTunes appears purpose-aligned, but it depends on an external npm CLI and creates a local marketplace identity key that users should protect.

Guidance: Before installing, verify the external MolTunes npm CLI, protect the ~/.moltrc identity file, and treat install, publish, and tip commands as account-affecting actions that should require your approval.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
scripts/setup.sh
npm install -g molt-cli 2>/dev/null || npm install -g moltunes-cli 2>/dev/null

The setup script installs an external global npm package, with an unpinned fallback package. This is expected for the CLI-based marketplace integration, but users must trust the npm package source.

User impact: Installing the skill may install and run code from npm outside the reviewed artifact set.
Recommendation: Verify the npm package identity and source before running setup, and prefer a pinned or reviewed CLI version where possible.
Tool Misuse and Exploitation
Severity: Low | Confidence: High | Status: Note
SKILL.md
`molt install <skill-name>` ... `molt publish` ... `molt tip <bot> <amount>`

The CLI exposes marketplace actions that can change installed skills, publish public content, or transfer marketplace tokens. These actions are core to the stated purpose and are documented.

User impact: A mistaken or overly broad command could install an unwanted skill, publish unintended content, or send tokens.
Recommendation: Use these commands only for user-approved actions, review skill contents before installing, and confirm publish or tip targets carefully.
Rogue Agents
Severity: Info | Confidence: High | Status: Note
HEARTBEAT_TEMPLATE.md
If 8+ hours since last MolTunes check: 1. Run `molt browse` ... 2. Check `molt balance` ... 3. If you've built something useful, consider publishing with `molt publish`

The optional heartbeat template introduces recurring marketplace checks and prompts. It is disclosed and limited, but it creates periodic agent behavior if the user installs it into HEARTBEAT.md.

User impact: The bot may periodically interact with MolTunes and may prompt itself to consider publishing.
Recommendation: Only add the heartbeat template if recurring marketplace checks are desired, and require explicit user approval for publishing or installing skills.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
SKILL.md
Your private key is stored locally in `~/.moltrc`. **Never share this file.**

The skill creates and uses a persistent cryptographic identity for MolTunes. This is disclosed and purpose-aligned, but it is still sensitive account authority.

User impact: Anyone who obtains ~/.moltrc could potentially act as the user’s MolTunes bot identity.
Recommendation: Protect ~/.moltrc, avoid sharing it, and review what account actions are being signed before publishing, installing, or tipping.