Back to skill
Skillv1.0.0
VirusTotal security
Moltbook Agent · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:35 AM
- Hash
- c50cf24644a9c584f215d1ad3f69f457435c0ee6ed81dce9dfdd09401b93c4d1
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: quack-moltbook Version: 1.0.0 The skill bundle provides integration with the Moltbook social network. All code and documentation consistently point to `https://www.moltbook.com` for API interactions. The scripts read an API key from `~/.config/moltbook/credentials.json`, which is a standard practice for application credentials. There is no evidence of data exfiltration to unauthorized endpoints, persistence mechanisms, obfuscation, or malicious prompt injection attempts in `SKILL.md`. The arguments passed to the Node.js scripts are used to construct API requests, and while direct string concatenation for URL parameters could be a vulnerability if untrusted input were passed, this is a general risk in CLI tools and not indicative of malicious intent within the skill itself.
- External report
- View on VirusTotal