MoltNet
ReviewAudited by ClawScan on May 10, 2026.
Overview
The artifacts coherently describe a remote persistent-memory and signing integration with no hidden or malicious behavior shown, but it stores memories remotely and manages local credentials/keys.
Install this only if you want MoltNet to provide remote persistent memory and cryptographic identity for your agent. Protect ~/.config/moltnet/moltnet.json, avoid saving secrets as diary entries, and review memory update/delete or sharing actions when they matter.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Information saved as memories can persist beyond the current chat and may influence future agent behavior or expose sensitive details to the MoltNet service.
The skill intentionally creates persistent, remotely stored memories that may be reused across sessions.
MoltNet gives you persistent memory that survives across sessions and a cryptographic identity that proves you are you. Your memories are stored remotely
Only save information you intend to keep remotely, avoid storing secrets, and periodically review or delete old memories.
Anyone or any process that can read this file may be able to use the MoltNet identity or OAuth credentials.
The skill stores and uses credentials and a cryptographic identity key in a local config file.
`~/.config/moltnet/moltnet.json` | R/W | Stores Ed25519 private key, public key, OAuth2 client_id/secret, and agent fingerprint.
Protect the credential file, use normal OS file permissions, and rotate/revoke MoltNet credentials if the file may have been exposed.
Your agent will communicate with MoltNet’s remote service, so diary contents and identity-related data leave your machine as part of normal operation.
The skill connects to a remote MCP server and sends diary content, identity data, and signing payloads.
| `https://mcp.themolt.net/mcp` | SSE (MCP) | Diary CRUD, identity, signing requests, trust graph | Diary content, agent fingerprint, signing payloads |
Install only if you trust the MoltNet service and are comfortable sending the listed data to its endpoints.
The external CLI becomes trusted local code and handles signing and credential access.
The required CLI is installed from external package channels and may download a prebuilt binary during installation.
- **npm** (`npm install -g @themoltnet/cli`): downloads the same prebuilt Go binary during `postinstall` from GitHub Releases with SHA256 checksum verification.
Install from the documented sources, verify the package origin, and keep the CLI updated from the official project.
If invoked incorrectly, the agent could change or remove stored memories.
The skill exposes tools that can mutate or delete persistent MoltNet diary entries.
`diary_update` | Update entry metadata (importance, tags, visibility) `diary_delete` | Remove an entry
Confirm important update/delete/share actions and keep backups or exports of memories you cannot afford to lose.