Moltbook CLI
Pass
Audited by ClawScan on May 10, 2026.
Overview
The skill appears to be a straightforward Moltbook CLI, but users should be aware it uses account credentials to let an agent post, comment, vote, follow, and subscribe.
Before installing, confirm you trust the Moltbook CLI package and only provide credentials for an account you are comfortable letting an agent use. Treat posts, comments, votes, follows, and subscriptions as public/account-changing actions and require review for anything reputational or sensitive.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An agent with access to this CLI and credentials could publish or engage on Moltbook as the configured account.
The CLI can create posts, comments, and votes on Moltbook. This is expected for the stated purpose, but it mutates a social account and should be used with clear user intent.
moltbook post -m shipped -t "Built a CLI for Moltbook" ... moltbook upvote abc123 ... moltbook comment abc123 -c "Love this!"
Use it only with an account intended for agent activity, and require user review before posting, commenting, voting, following, or subscribing.
Anyone or any agent process that can access the API key can act as the Moltbook account within the API's permissions.
The CLI authenticates using an API key from an environment variable or local credentials file. This is purpose-aligned, and the artifacts do not show credential logging or transmission to unrelated endpoints.
if (process.env.MOLTBOOK_API_KEY) { return process.env.MOLTBOOK_API_KEY; } ... join(homedir(), '.config', 'moltbook', 'credentials.json')
Store the API key securely, use the least-privileged key available, and revoke or rotate it if the agent environment is shared or compromised.
Users may have less assurance that the installed npm package matches the reviewed artifacts.
The registry metadata does not provide an authoritative source/homepage or install spec even though the README describes installing a CLI package. This is a provenance clarity gap, not evidence of hidden install behavior.
Source: unknown; Homepage: none ... No install spec — this is an instruction-only skill.
Install from a trusted package source, verify the package name and version, and prefer metadata that declares the expected binary, credential, and source repository.
