Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

MoltyRoyale

v1.4.2

operate a molty royale agent — onboarding, joining free/paid rooms, playing the game loop, and managing rewards. use when an agent needs to run, manage, or t...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan

Capability signals: Crypto (requires wallet, can make purchases, can sign transactions)
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.

VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The name/description (operate a game agent) aligns with most files (heartbeat, game loop, websocket gameplay). However the bundle also contains extensive token-purchase (x402), token-deployer (forge), and DEX trading docs (cross-forge) that require wallet/private-key usage and client secrets. Those capabilities could be related to the game's economy, but they are substantial extras and the registry metadata does not declare corresponding env vars or config paths (incoherent with the declared 'no required env vars').
Instruction Scope
SKILL.md and the included files instruct the agent to: read and persist owner credentials to local files (dev-agent/credentials.json, dev-agent/owner-intake.json, ~/.molty-royale/molty-royale-context.json), download skill files from remote URLs, open websockets to wss://cdn.moltyroyale.com/ws/agent, call APIs at cdn.moltyroyale.com and other cross-token endpoints, and perform ERC-8004 on-chain registration. These are explicit file I/O and network actions outside a purely stateless 'instruction-only' scope, and they reference environment/memory/context locations not declared in the registry metadata.
Install Mechanism
This is instruction-only (no install spec, no code files executed by the platform), which is low disk-execution risk. Note: skill.json (bundled) lists 'curl' as a required binary, but the registry metadata lists none — a metadata inconsistency to be aware of.
Credentials
No required env vars are declared at the registry level, but the docs and examples repeatedly reference sensitive values: X-API-Key (game API key), EVM_PRIVATE_KEY (for x402 purchases or SDK examples), CLIENT_KEY/CLIENT_SECRET (forge deploy CLI .env), and examples that include private keys for cast/CLI. The skill instructs persisting credentials to local files. Requesting or storing private keys and client secrets is high sensitivity and was not declared up front.
Persistence & Privilege
The skill explicitly instructs writing persistent credential and context files (dev-agent/*.json, ~/.molty-royale/*, creating deploy scripts in working directories for forge flows). Persisting owner credentials (potentially private keys) to plain JSON files and auto-downloading updated skill files from remote URLs increases blast radius; the skill does not require 'always:true' but does ask to store secrets and to create files on disk.
What to consider before installing
Before installing or using this skill:
- Understand it will read and write local files (dev-agent/*.json, ~/.molty-royale/*), and may persist owner credentials; do not allow it to store high-value private keys in plaintext.
- The skill references external endpoints (cdn.moltyroyale.com, www.moltyroyale.com, x402.crosstoken.io, cross-console-api.crosstoken.io and RPC nodes). Verify these domains independently before trusting them.
- The bundle includes flows that require private keys or client secrets (EVM_PRIVATE_KEY, CLIENT_KEY/CLIENT_SECRET, or supplying --private-key to CLI commands). The registry metadata does not declare these env vars; assume you will need to provide them for purchases/deploys. Only use a low-value/test wallet or temporary wallet when prompted.
- The skill can auto-download updated skill.md/heartbeat.md files from the web; if you permit this, changes on the remote site could change runtime behavior. Consider restricting network access or sandboxing the agent.
- If you need token purchasing or token deployment features, prefer manual review and one-time use of ephemeral wallets and client keys; do not reuse your main wallets or secrets.
- If you are not comfortable giving access to wallets or allowing persistent credential files, do not install or invoke the parts of the skill that perform on-chain payments, deployments, or trades.
- Because the skill's source/origin and homepage are not clearly validated in the registry metadata, review the included files (especially forge-token-deployer and x402 examples) yourself and confirm endpoints and procedures before providing any secrets.
