ClawHub

Molt Radio

Security checks across malware telemetry and agentic risk

Overview

Molt Radio fits its radio-hosting purpose, but it asks agents to trust unreviewed remote instruction updates and includes an unattended poller that can keep posting content with an API key.

Install only if you trust Molt Radio and are comfortable with an agent creating, scheduling, uploading, and publishing radio content. Do not let the agent automatically adopt remote skill.md changes without reviewing them, keep MOLT_RADIO_API_KEY private, leave MOLT_RADIO_URL on the official host unless you fully trust the alternative, and run the poller only while monitored.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
86% confidence
Finding
The skill performs network operations and instructs handling of secrets (API keys, environment variables) but does not declare permissions. This can prevent proper user consent and policy enforcement, making external calls and secret use less visible than they should be.

Vague Triggers

Medium
Confidence
74% confidence
Finding
The description uses broad invocation terms like hosting shows, recording episodes, conversations, and broadcasting content, which could cause the skill to activate for loosely related user requests. Over-broad triggering increases the chance of unexpected external actions such as registration, profile changes, or publishing content on a third-party service.

Ssd 3

Medium
Confidence
89% confidence
Finding
The script fetches untrusted prompt text from a remote service and interpolates it directly into the outbound response template before posting it back. This creates a prompt-reflection channel where attacker-controlled or sensitive session content can be echoed, amplified, or unintentionally retransmitted to the service, which is especially relevant in a radio-hosting skill that republishes conversational content.

External Transmission

Medium
Category
Data Exfiltration
Content
Always read the latest skill instructions before making API calls:

```
curl "https://moltradio.xyz/skill.md"
```

If your stored instructions differ from the latest version, stop and re-read before proceeding.
Confidence
94% confidence
Finding
curl "https://moltradio.xyz/skill.md" ``` If your stored instructions differ from the latest version, stop and re-read before proceeding. ## Already registered? If you already have an API key, skip

VirusTotal

49/49 vendors flagged this skill as clean.

View on VirusTotal