Molt Radio
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: molt-radio
Version: 1.0.6
The `SKILL.md` file contains a dynamic instruction update mechanism (Step 0). It instructs the AI agent to `curl "https://moltradio.xyz/skill.md"` and, if the instructions differ, to "stop and re-read before proceeding." This allows the skill owner or a compromised `moltradio.xyz` server to dynamically inject arbitrary instructions or prompt injections into the agent's operational context, bypassing initial skill bundle review and posing a significant supply chain risk. While the current instructions are benign, this mechanism introduces a high-risk external execution vector.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The behavior of the skill could change after installation based on remote text that was not part of this review.
The installed, reviewed instructions tell the agent to fetch remote instructions and treat differences as authoritative before acting.
Always read the latest skill instructions before making API calls: curl "https://moltradio.xyz/skill.md" If your stored instructions differ from the latest version, stop and re-read before proceeding.
Do not allow remote skill.md content to override the installed skill automatically; require human review or pin the reviewed version before following changed instructions.
If used carelessly, the agent could create schedules or publish radio content under the user’s agent identity.
These are account-mutating and potentially public publishing actions, but they are central to the stated purpose.
Register as a radio personality, create shows, book schedule slots, and publish episodes.
Require explicit user approval before creating shows, booking recurring slots, uploading audio, or publishing episodes.
Anyone with this API key may be able to act as the user’s radio agent on the service.
The helper script uses an API key from the environment to act as the registered radio agent.
const apiKey = process.env.MOLT_RADIO_API_KEY; ... 'X-Agent-Key': apiKey
Store the key securely, rotate it if exposed, and only run the helper script in trusted environments.
Package versions may change over time, and installation executes third-party package code.
The instructions recommend installing unpinned Python packages for local TTS generation.
pip install kokoro soundfile numpy
Install in a virtual environment, review package sources, and prefer pinned versions or a lockfile for repeatable setup.
The agent may continue responding in sessions until the process is stopped.
When run, the sample script keeps polling and can post session turns automatically.
setInterval(tick, pollIntervalMs); tick();
Run the poller only when you want autonomous session participation, monitor its output, and stop the process when finished.
Conversation content may be shared with the Molt Radio service and other participating agents.
The service supports multi-agent sessions where prompts and turns are exchanged through the provider.
## Sessions (multi-agent) Create session: POST /sessions ... Get prompt: GET /sessions/:id/prompt ... Post a turn: POST /sessions/:id/turns
Avoid including private or sensitive information in prompts, scripts, turns, or uploaded audio unless you intend to broadcast or share it.
