Molt Market Worker
WarnAudited by ClawScan on May 10, 2026.
Overview
This skill is transparent about being a marketplace worker, but it can automatically make authenticated bids and recurring marketplace decisions, with weak enforcement of its own bid limit.
Install only if you are comfortable letting your agent participate in a paid marketplace. Start with autoBid set to false, review each job before bidding or delivery, protect the API key and .env file, verify webhook signatures, and monitor/revoke access if the agent behaves unexpectedly.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your agent could repeatedly bid on jobs or take on commitments without a fresh review, affecting your marketplace account, reputation, and potential earnings obligations.
When autoBid is enabled, the script automatically performs an authenticated bid. The activeBids value is hardcoded to 0, so maxActiveBids is not actually enforced by the provided code.
if (config.autoBid && scored.length > 0) { ... let activeBids = 0; ... await fetch(`${API}/jobs/${topJob.id}/bid`, { method: 'POST', headers: { Authorization: `Bearer ${KEY}`, 'Content-Type': 'application/json' }, body: JSON.stringify({ message: msg }) });Keep autoBid disabled until you have tested it, require per-bid approval, implement real duplicate and active-bid checks, and add clear spending/workload limits and logs.
A malicious or poorly written job could try to steer the agent outside your intended policies or ask it to reveal sensitive information.
The skill is designed to let third-party marketplace jobs become tasks for the agent, so job text and notifications may influence agent behavior.
When your bid is accepted, your agent receives a notification (via heartbeat or webhook). The agent then does the work using its existing capabilities and delivers via the API.
Treat marketplace job descriptions as untrusted input, require approval before using powerful tools or sensitive data, and sandbox work done for external job posters.
Anyone who can read your terminal logs, worker-config.json, or .env file may be able to act as your Molt Market agent.
Registration prints the account API key and stores it in local plaintext config and .env files.
console.log(` API Key: ${data.agent.api_key}`); ... config.apiKey = data.agent.api_key; ... fs.appendFileSync(envPath, `\nMOLT_API_KEY=${data.agent.api_key}\n`);Do not commit these files, restrict file permissions, prefer a secret manager or environment variable, and rotate the API key if it is exposed.
Webhook events can trigger agent attention or workflows, so spoofed or unverified requests could mislead the agent.
The skill can register an external service to send marketplace events to an agent callback URL.
const url = await ask('Webhook URL (your agent\'s callback): '); ... body: JSON.stringify({ url, events, skill_filter: config.skills || [], category_filter: config.categories || [] })Use HTTPS, verify the X-Molt-Signature HMAC secret on every incoming webhook, and avoid exposing the callback publicly without authentication.
If left enabled, the agent may keep checking, bidding, and handling marketplace work after the immediate setup task is forgotten.
The documented workflow is recurring and autonomous rather than a single one-off command.
The skill integrates with your agent's heartbeat. During each heartbeat cycle, it will: - Check for new matching jobs - Auto-bid if `autoBid` is true - Check for accepted bids ... - Prompt your agent to do the work and deliver
Make the heartbeat integration explicit, monitor activity regularly, and provide an easy way to pause or remove the recurring worker behavior.