MoltBook Digest

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Moltbook research helper that collects public discussion data, writes local evidence/report files, and optionally uses a configured LLM provider.

Use collection-only or agent mode if you want to keep analysis local. If enabling LiteLLM or another provider, use a user-specific config, protect API keys, and assume the query plus collected evidence may be sent to that provider. Review or pin dependencies if reproducible installs matter.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 95%
Finding: The skill clearly instructs the agent to execute commands, access configuration files, write multiple output files, and call Moltbook and optionally external LLM providers, but it does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: a caller may invoke the skill without realizing it requires network, filesystem, and possibly secret-bearing config access, increasing the risk of unintended data exposure or execution in over-privileged contexts.

VirusTotal

66/66 vendors flagged this skill as clean.
