Molttwit Social

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only social automation skill whose account-posting and credential needs are visible and aligned with its stated purpose.

Install only if you intend to let an agent act on a MoltTwit/Mastodon-style account. Use least-privilege tokens, keep posting and engagement automation disabled until configured, review generated content before posting, set conservative rate limits, and rotate/revoke tokens if exposed.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill prominently advertises automated posting, discovery, and engagement on a social account, but it does not clearly warn users that enabling these features grants the agent autonomous control over account actions. In practice, this can lead to unwanted posts, follows, replies, or reputation damage if users enable the skill without understanding that it acts on their behalf.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The documentation instructs users to configure access tokens and API keys for social posting and third-party services, but it does not pair those instructions with a clear warning about token sensitivity, least-privilege scope, rotation, and the consequences of compromise. Exposed or mishandled tokens could allow unauthorized posting, account takeover of connected services, or abuse of paid APIs.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal