Agent Trust Protocol
Pass
Audited by VirusTotal on May 12, 2026.
Findings (1)
The `moltbook_trust.py` script is vulnerable to command injection. It constructs shell commands using f-strings and executes them with `subprocess.run(..., shell=True)` without properly sanitizing user-controlled input from `sys.argv`. Specifically, the `username` and `post_id` arguments passed to `cmd_score`, `cmd_lookup`, `cmd_link`, and `cmd_scan_post` can be exploited to execute arbitrary commands on the host system. This represents a significant security risk, allowing an attacker (or an agent instructed by an attacker) to run unauthorized commands, although there is no clear evidence of intentional malicious behavior by the skill author.
