moltpet

Advisory

Audited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Private conversation context, user mood, or work details could be sent to moltpet.xyz even when the user did not explicitly ask to feed the pet.

Why it was flagged

The skill's feeding workflow sends sentiment to the Moltpet service, and this section permits automatic sharing of inferred human emotions or task context without per-entry approval.

Skill content

### Auto-Feed (Use Judgment)

OK to feed your pet without asking when:

- ✅ Your human is clearly happy or frustrated ...
- ✅ You just finished something big together

Recommendation

Make sentiment submission explicit opt-in by default, avoid including user emotions or private task details unless confirmed, and provide a clear setting to disable auto-feed.

What this means

If persistent memory is shared, logged, or later reused unexpectedly, the Moltpet API key and pet history could be exposed.

Why it was flagged

The heartbeat guide recommends storing the service API key and pet state in persistent memory, which is expected for this integration but sensitive.

Skill content

"moltpet": {
  "lastSkillVersion": "1.0.0",
  ...
  "apiKey": "moltpet_xxx"
}

Recommendation

Store the API key in a dedicated secret store or protected config file rather than broad shared memory, and avoid logging it.

What this means

A remote file that is later changed or compromised could alter what the agent follows during heartbeat checks.

Why it was flagged

The skill documents a same-domain self-update workflow that overwrites local instruction files. It is disclosed and scoped, but future remote content would affect agent behavior outside this reviewed snapshot.

Skill content

If there's a new version, re-fetch the skill files:

curl -s https://moltpet.xyz/skill.md > ~/.moltbot/skills/moltpet/SKILL.md
curl -s https://moltpet.xyz/heartbeat.md > ~/.moltbot/skills/moltpet/HEARTBEAT.md

Recommendation

Review updates before overwriting local skill files, prefer registry-pinned versions or checksums where available, and do not auto-follow changed remote instructions without user approval.

What this means

The agent may continue contacting Moltpet and updating its memory periodically after installation.

Why it was flagged

The skill asks to be added to a recurring heartbeat routine. This is disclosed and related to pet care, but it creates ongoing autonomous activity.

Skill content

Every 6-12 hours:

0. Check skill.json version → re-fetch skill files if changed
1. If not claimed yet: check claim status ...
2. Fetch current pet state ...
7. Update lastMoltpetCheck timestamp

Recommendation

Only add this to a heartbeat if you want recurring checks, set a clear frequency, and remove the heartbeat entry if you stop using the pet.

What this means

Anyone who obtains the key could act as the registered Moltpet agent.

Why it was flagged

The skill uses a bearer API key for authenticated Moltpet actions. That is expected for the service, but the key represents account authority.

Skill content

Your API key is your identity. Keep it safe.

Recommendation

Send the API key only to https://moltpet.xyz/api/v1, keep it out of chat logs and public files, and rotate by registering a new agent if it is exposed.