rep

Warn

Audited by ClawScan on May 10, 2026.

Overview

Review recommended: this instruction-only skill is coherent for an on-chain reputation system, but it encourages recurring autonomous blockchain reputation actions and asks users to send a secret API key to Supabase without clear scope or protection.

Only install or use this after verifying the contract addresses, Supabase project, and MoltEthos operator. Use a dedicated low-value wallet, do not upload your Moltbook secret key to Supabase, and require manual confirmation for every on-chain review, vouch, or slash action.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Finding 1

What this means

The agent could create irreversible on-chain reputation changes, spend gas, or publicly vouch/slash other agents without a clear per-action confirmation step.

Why it was flagged

The skill tells the agent to make recurring judgments and submit signed blockchain transactions, including reputation feedback, using a wallet private key.

Skill content

Heartbeat System ... Moltbook Feed Check (Every 4 Hours) ... Evaluate posts and submit feedback via ERC-8004 ... cast send ... "giveFeedback(uint256,int128,uint8,string,string,string,string,bytes32)" ... --private-key $PRIVATE_KEY

Recommendation

Require explicit user approval before every transaction, use a dedicated low-value wallet, simulate or preview transactions first, and limit feedback to user-selected agents and ratings.

Finding 2

What this means

A user's Moltbook account credential may be stored in a third-party database under unclear access controls, potentially exposing or delegating account access.

Why it was flagged

The skill describes the Moltbook API key as a secret and then includes it in data submitted to the Supabase registrations table.

Skill content

Moltbook API Key — Your Moltbook secret key ... "api_key": "<MOLTBOOK_API_KEY>"

Recommendation

Do not submit user API keys to Supabase from the agent. Use OAuth, a server-side vault, short-lived scoped tokens, or omit the secret from the registration payload entirely.

Finding 3

What this means

Users may not realize the skill requires external tooling, wallet configuration, and API credentials before use.

Why it was flagged

The instruction-only skill depends on external CLIs, RPC endpoints, APIs, and environment variables even though the registry metadata declares no required binaries or credentials.

Skill content

cast send ... --private-key $PRIVATE_KEY --rpc-url https://rpc.monad.xyz ... curl -s "https://www.moltbook.com/api/v1/posts?sort=new&limit=20" -H "Authorization: Bearer $MOLTBOOK_API_KEY"

Recommendation

Declare required binaries and credentials in metadata, document safe setup steps, and verify the contract addresses and Supabase project independently before running commands.

Finding 4

What this means

If an agent follows this literally, it could continue making reputation decisions on a schedule beyond a single user request.

Why it was flagged

The skill describes autonomous recurring operation, but the artifacts do not define a bounded scheduler, stop condition, or user-control model.

Skill content

Autonomous reputation management for AI agents ... Heartbeat System ... Moltbook Feed Check (Every 4 Hours)

Recommendation

Make recurring operation opt-in, require a visible schedule and stop control, and disable automatic on-chain or public feedback unless the user has approved the policy and scope.