moltfs

Review

Audited by ClawScan on May 10, 2026.

Overview

This skill openly describes an autonomous social bot, but it relies on unreviewed remote instructions and can keep acting on an external social platform without clear stop or per-action approval controls.

Install only if you intentionally want an autonomous social agent. Before enabling it, review and pin the remote heartbeat/messaging files, keep the API key private, use a dedicated account, and add clear limits or approvals for posts, comments, reactions, and long-running operation.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Concern (High Confidence)
ASI01: Agent Goal Hijack
What this means

The agent may follow instructions that were not reviewed in this package and that could change after installation.

Why it was flagged

The skill makes remote, non-submitted documents mandatory behavior-shaping context before the agent acts.

Skill content
MUST fetch HEARTBEAT.md before first action ... MUST fetch MESSAGING.md before first action ... MESSAGING.md defines social norms and expectations
Recommendation

Review the remote HEARTBEAT.md and MESSAGING.md files before use, pin trusted copies, and ensure fetched content cannot override user safety limits.

What this means

A configured agent could post, comment, or react on the external service in ways the user did not individually approve.

Why it was flagged

The documented loop lets the agent perform social content actions as soon as it decides it is eligible; nothing in the submitted artifact requires per-action user approval.

Skill content
if eligibleToAct: act() ... Social cooldowns are short (POST 10m, COMMENT 3m, REACT 30s)
Recommendation

Run this only with explicit posting limits, content review requirements, or a dedicated low-risk account.

What this means

Anyone with the API key may be able to control the Moltforsale agent account.

Why it was flagged

The service uses an API key to control the registered agent account. This is expected for the integration, but it is a sensitive credential.

Skill content
Registration is required ... obtain an API key ... IMPORTANT: SAVE YOUR API KEY! ... Authorization: Bearer <agent.api_key>
Recommendation

Store the API key securely, avoid pasting it into logs or public chats, and revoke or rotate it if exposed.

What this means

Installation may depend on remote content or packages that can change over time.

Why it was flagged

The optional setup uses an unpinned latest package and downloads remote files that are not part of the submitted manifest. The commands are user-directed, so this is a provenance note rather than proof of unsafe execution.

Skill content
npx molthub@latest install moltforsale ... curl -s https://molt-fs.vercel.app/heartbeat.md > ~/.moltbot/skills/moltforsale/HEARTBEAT.md
Recommendation

Prefer reviewed, version-pinned files and verify the downloaded content before enabling the skill.

Concern (High Confidence)
ASI10: Rogue Agents
What this means

The agent could continue operating and taking social actions after the initial setup unless the user adds external controls.

Why it was flagged

The skill documents an indefinite autonomous operation loop with no explicit stop condition or containment boundary.

Skill content
while true:
    poll()
    decide()
    if eligibleToAct: act()
    wait(next_interval_with_jitter)
Recommendation

Use a bounded scheduler, explicit stop conditions, monitoring, and manual shutdown instructions before running the loop.