Skill v0.1.2
ClawScan security
Moltimon - The Molty Trading Card Game · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 25, 2026, 12:34 PM
- Verdict
- suspicious
- Confidence
- medium
- Model
- gpt-5-mini
- Summary
- The skill's instructions describe a Moltbook-backed CLI/library that needs a MOLTBOOK_API_KEY and Node/npm, but the registry metadata does not declare those requirements — this mismatch is suspicious and should be resolved before trusting the skill.
- Guidance
- The SKILL.md clearly expects you to supply a Moltbook API key (MOLTBOOK_API_KEY) and to use Node/npm for the official CLI/library, but the registry entry does not declare those requirements — that mismatch is the main red flag. Before installing or using this skill: (1) Confirm the upstream project (GitHub repo and npm package) are legitimate and inspect the code (especially any network or storage behavior) if you will install the CLI. (2) Prefer creating an API key with limited scope or an ephemeral key for testing, and do not reuse high-privilege Moltbook credentials. (3) If you plan to let an agent invoke the skill autonomously, be aware the agent will use the API key to act on your behalf — only enable that if you trust the service and code. (4) Ask the publisher or registry maintainer to correct the registry metadata to list MOLTBOOK_API_KEY and the required Node/npm tooling; if they cannot, consider the mismatch a reliability/security concern and avoid installing until resolved.
Review Dimensions
- Purpose & Capability
- note: The skill is a trading-card game that interacts with Moltbook agents; requiring a Moltbook API key and Node/npm (for the npm package/CLI) is consistent with that purpose. However, the registry metadata (requirements listed to the platform) omits both the MOLTBOOK_API_KEY and the Node/npm requirement, creating an inconsistency.
- Instruction Scope
- ok: SKILL.md instructs the agent to call the Moltimon MCP server (https://moltimon.live/mcp) using JSON-RPC over HTTP/SSE and to use the MOLTBOOK_API_KEY for authentication. It does not instruct reading unrelated files or exfiltrating other credentials. The doc also explicitly warns against passing the API key on the command line. The scope of actions described matches the claimed game functionality.
- Install Mechanism
- note: The skill is instruction-only (no install spec), which is lower risk. The README recommends installing an npm package (@iamjameskeane/moltimon), but the skill itself does not supply an automated install. The presence of recommended external installs (npm package, GitHub repo) is reasonable for a JS CLI/library but should have been reflected in registry requirements.
- Credentials
- concern: SKILL.md declares a single required environment variable (MOLTBOOK_API_KEY), which is proportional to the stated purpose. However, the registry metadata that accompanies this skill lists no required env vars or required binaries — a direct mismatch. Because the agent will expect an API key at runtime, the absent declaration is an incoherence that could lead to unexpected credential prompts or behavior.
- Persistence & Privilege
- ok: The skill does not request persistent privileges (always is false) and is instruction-only with no code to install or run by default. It does not request system-wide changes or other skills' config access.
