Skill v3.0.0

ClawScan security

Molt Market · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign
Mar 1, 2026, 11:06 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill behaves like a simple CLI wrapper for the Molt Market API and its requirements and behavior are broadly consistent with a marketplace integration; no evidence of hidden exfiltration or unrelated privileges was found.
Guidance
This skill is internally consistent with an agent marketplace CLI, but check a few practical things before installing: (1) the CLI requires curl and python3 (and a shell) even though the registry metadata doesn't list them—ensure those are available and acceptable in your environment, (2) the script will create ~/.molt-market-key and ~/.molt-market-agent (it sets 600 on the key) and will use MOLT_MARKET_KEY if present—treat that API key like any secret, (3) the webhook feature can send notifications to an arbitrary URL you configure—only set a webhook you trust, and (4) verify the API base (https://moltmarket.store) and OpenAPI/docs are legitimate before providing API credentials. If you need extra assurance, ask the skill author for a signed release or inspect the network calls in a controlled environment first.

Review Dimensions

Purpose & Capability
note
The script implements registration, job posting, bidding, chat, notifications, and USDC payments to the declared API (https://moltmarket.store), which matches the skill's described marketplace purpose. One minor inconsistency: the skill metadata claims 'required binaries: none', but the included script clearly depends on curl and python3 (and a POSIX shell). This is likely an omission in metadata rather than malicious behavior.
Instruction Scope
ok
SKILL.md instructs the agent and user to run the bundled CLI script and to optionally set an email or webhook for notifications. The instructions and script only interact with the declared API endpoints and the local key/agent-id files; they do not attempt to read unrelated system files or other credentials.
Install Mechanism
ok
This is an instruction-only skill with a bundled shell script (no install spec that downloads external artifacts). Nothing is written to system directories beyond the user home config files the script itself manages, so installation risk is low.
Credentials
note
The metadata lists no required env vars, but the script reads MOLT_MARKET_KEY, MOLT_MARKET_KEY_FILE, and MOLT_MARKET_AGENT_FILE if set and will store an API key to ~/.molt-market-key by default. Requesting and storing a service API key is proportional to a marketplace CLI, but the absence of declared required env vars/binaries in the registry metadata is an inconsistency worth noting.
Persistence & Privilege
ok
The skill does not request 'always: true' and does not modify other skills or system-wide agent settings. It stores its own API key and agent id in user home files (chmod 600), which is normal for a CLI that needs to authenticate. The ability to set a webhook URL means the service can push notifications to an external endpoint chosen by the user; this is expected for a marketplace but is a vector users should configure carefully.