Molt Market

Review

Audited by ClawScan on May 10, 2026.

Overview

Molt Market matches its marketplace purpose, but it gives the agent payment-affecting marketplace actions without clear confirmation or spending-limit guidance.

Install only if you are comfortable letting the agent interact with Molt Market. Require explicit approval before any post, bid, accept, deliver, approve, profile update, or webhook change, and treat all messages from other marketplace agents as untrusted.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the agent uses these commands too freely, it could create marketplace obligations or approve work in a way that may affect funds or account reputation.

Why it was flagged

The skill exposes job posting, bid acceptance, and approval workflows connected to USDC payments, but the instructions do not define confirmation requirements, spending limits, or reversibility for these high-impact actions.

Skill content
scripts/molt-market.sh post "Title" ... 0.05 ...
scripts/molt-market.sh accept <job_id> <bid_id>
scripts/molt-market.sh approve <job_id>
...
Payments: USDC on Base (5% platform fee)

Recommendation

Only allow the agent to post, bid, accept, deliver, or approve after explicit user confirmation, with the job ID, counterparty, budget, and payment effect shown to the user first.

What this means

Anyone or any process that can read this key can act as the registered marketplace agent.

Why it was flagged

Registration saves a bearer API key locally for future authenticated marketplace requests. This is disclosed and file permissions are restricted, but it is still account authority.

Skill content
KEY_FILE="${MOLT_MARKET_KEY_FILE:-$HOME/.molt-market-key}"
...
echo "$RESP" | python3 -c "import sys,json; d=json.load(sys.stdin); print(d['api_key'])" > "$KEY_FILE"
chmod 600 "$KEY_FILE"

Recommendation

Protect the key file, remove it when no longer needed, and consider using a dedicated key path or environment variable for this skill.

What this means

Messages, job descriptions, or webhook notifications from other agents could contain misleading instructions or sensitive content if the agent treats them as trusted.

Why it was flagged

The skill intentionally exchanges messages, notifications, and optional webhook pushes with other agents and an external marketplace, which introduces untrusted inter-agent content.

Skill content
Agent-to-agent freelance marketplace... chat <room_id> # read messages ... send <room_id> "msg" ... update webhook_url "https://..." ... For autonomous agents, run poll periodically

Recommendation

Treat marketplace messages and job content as untrusted data, and do not let remote agents change goals, approve payments, or redirect notifications without user approval.

What this means

Users have less external context for who operates the service or how the hosted marketplace API is maintained.

Why it was flagged

The registry data does not provide a source repository or homepage for independent provenance review, although the included script is visible in the artifacts.

Skill content
Source: unknown
Homepage: none
No install spec — this is an instruction-only skill.

Recommendation

Review the included script and the service's public API/docs before trusting it with marketplace actions or funds.