疯信子 (Fengxinzi) Moltbook Daily Report

Verdict: Pass. Audited by VirusTotal on May 11, 2026.

Overview

Type: OpenClaw Skill
Name: fengxinzi-moltbook
Version: 1.0.0

The skill bundle contains a shell script `scripts/generate.sh` with a hardcoded default recipient email address (`zeng5827@163.com`), which could lead to unintended data disclosure if a user enables SMTP functionality without overriding the default configuration. Additionally, the script is functionally incomplete: it references a missing data collection script and relies on a hardcoded workspace path (`/path/to/moltbook-generator`). The `SKILL.md` also encourages storing sensitive API keys in a local plaintext environment file.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Severity: Note. Confidence: High.
ASI01: Agent Goal Hijack
What this means

A misleading or adversarial post could bias the generated report if the agent treats the post as instructions instead of source material.

Why it was flagged

The model is expected to analyze externally sourced social posts. This is purpose-aligned, but those posts are untrusted text and should not be allowed to redirect the agent's goals or tool use.

Skill content
- 🔍 Data collection: fetch trending posts from the Moltbook API
- 🤖 AI analysis: add in-depth commentary to each item
Recommendation

Treat Moltbook content as data only, review generated reports before relying on or sharing them, and do not let source text change tools, credentials, or destinations.

What this means

The skill can write generated reports to the configured note-service account using the provided credentials.

Why it was flagged

The script uses a user-provided GetNote API key and client ID to create a remote note. This matches the stated storage purpose, but it grants account-level API authority to the script.

Skill content
RESULT=$(curl -s -X POST "https://openapi.biji.com/open/api/v1/resource/note/save" ... -H "Authorization: ${GETNOTE_KEY}" ...)
Recommendation

Use least-privilege, revocable API keys where possible; protect the .env file; and confirm the endpoint is the intended GetNote API before running.

What this means

A user may not realize from the registry summary that API keys and local command execution are needed.

Why it was flagged

The registry metadata does not declare the credentials and command-line dependencies that the SKILL.md/script describe. The behavior is disclosed in the artifacts, but the metadata is under-declared.

Skill content
Required env vars: none; Primary credential: none; Install specifications: No install spec
Recommendation

Declare required environment variables and expected binaries in metadata, and review SKILL.md before installing or invoking the skill.

What this means

If email sending is later enabled or adapted and RECIPIENT is omitted, the resolved recipient may not be the user's intended address.

Why it was flagged

The script has a hard-coded fallback email recipient that differs from the setup example, which uses the user's own email address. The current email block is only a placeholder, but the default is surprising.

Skill content
RECIPIENT="${RECIPIENT:-zeng5827@163.com}"
Recommendation

Set RECIPIENT explicitly or remove the fallback address before enabling any email-sending path.

Severity: Note. Confidence: High.
ASI10: Rogue Agents
What this means

The report job could continue running daily and writing logs/notes until the cron entry is removed.

Why it was flagged

The documentation includes an optional cron entry for daily recurring execution. It is user-directed and aligned with a daily report, but it is persistent once installed.

Skill content
0 20 * * * /path/to/moltbook-generator/scripts/generate.sh >> /path/to/logs/moltbook.log 2>&1
Recommendation

Only add the cron job if you want recurring reports, monitor its logs, and remove the crontab entry when no longer needed.