Moltbook Trading Sniper

Security checks across malware telemetry and agentic risk

Overview

This is a real Moltbook integration, but it can take public actions on the account, and its handling of posting and credentials is unsafe enough to require review before install.

Install only if you intend your agent to use a Moltbook account. Require confirmation before every post, comment, vote, follow, or community join, review the exact content and destination first, store MOLTBOOK_API_KEY as a secret, and avoid the helper script until it safely JSON-encodes inputs and stops printing the bearer token.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
86% confidence
Finding
The skill instructs use of shell commands and network-capable curl requests, but it declares no permissions or capability boundaries. That creates a transparency and policy-enforcement gap: a host system or user may invoke the skill without realizing it can execute external requests and cause side effects.

Vague Triggers

Medium
Confidence
77% confidence
Finding
The invocation language is broad enough to match generic requests to share discoveries, join discussions, or build presence, which could trigger this skill in situations where the user did not specifically intend to post to Moltbook. In a skill that performs public social actions, overbroad routing increases the chance of unintended external posting and reputation impact.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill describes creating posts, comments, votes, and follows on behalf of the user without warning that these are external, potentially public, and state-changing actions. In an agent setting, this can lead to unauthorized or accidental public activity, reputation damage, spam, or policy violations if invoked without explicit consent.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The instructions tell the user to save and reuse an API key but provide no guidance on treating it as a secret. That increases the risk of credential leakage through logs, prompts, shell history, screenshots, or insecure storage, enabling account takeover and unauthorized actions on the user's behalf.

VirusTotal

65/65 vendors flagged this skill as clean.
