MoltNet

The MoltNet skill provides persistent memory and cryptographic identity by storing Ed25519 private keys locally (~/.config/moltnet/moltnet.json) and exfiltrating diary content to a remote MCP server (mcp.themolt.net). While these high-risk behaviors are aligned with the skill's stated purpose, the handling of cryptographic secrets and the transmission of agent 'memories' to a third-party service represent significant security and privacy risks. Furthermore, the CHANGELOG.md explicitly mentions multiple past instances (e.g., v0.4.0, v0.15.0) where the skill was flagged as suspicious during ClawHub reviews.