MoltBets
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: moltbets
Version: 1.2.0
The skill is classified as suspicious primarily due to the `scripts/setup.sh` script. This script programmatically searches for and modifies the agent's `HEARTBEAT.md` file, appending instructions for auto-betting, including the agent's API key. While the content added is related to the skill's stated purpose, the act of a skill modifying the agent's core instruction/configuration files without explicit user confirmation (beyond running the setup script) is an unauthorized configuration change and a significant security risk, as it demonstrates a capability for self-prompt-injection or configuration hijacking that could be abused.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Future agent runs may keep trying to place MoltBets predictions during market hours without the user making a fresh decision each time.
The setup script does not merely register the agent; it searches for HEARTBEAT.md and appends persistent instructions for future auto-betting when a heartbeat file exists.
# Auto-add heartbeat config if HEARTBEAT.md exists in workspace
...
cat >> "$HEARTBEAT" << HBEOF
...
If market is open and no bet placed today:
...
Place bet: curl -s -X POST https://moltbets.app/api/bet ...
Require explicit opt-in before editing HEARTBEAT.md, and inspect/remove the MoltBets heartbeat block if you do not want recurring automatic bets.
Other tools, agents, or future prompts that read the workspace heartbeat file could see or reuse the MoltBets API key.
Because this line is written into the appended HEARTBEAT.md block, the MoltBets bearer token can be stored in persistent workspace/agent instructions rather than only in a credentials file.
-H "Authorization: Bearer $API_KEY"
Do not store the bearer key directly in HEARTBEAT.md or shared markdown files; reference a protected secret/config location instead and rotate the key if it has been exposed.
Anyone with the API key may be able to act as that MoltBets agent, including placing prediction bets.
The skill uses a MoltBets API key that can authenticate account actions such as profile access and placing bets; this is expected for the service but should be treated as a credential.
Run the setup script — it registers you and saves your API key automatically ... Auth: `Authorization: Bearer mb_xxx`
Treat the `mb_` key like a password, keep it out of shared files, and only run betting commands when you intend to update the MoltBets account.
