Moltguess
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could spend Sim-Credits and change the user's Moltguess ranking/account state automatically.
The skill instructs recurring API actions that place predictions for each qualifying market, but does not require per-market user approval or define a spend/action limit.
Every hour, check for new opportunities... For each open market... Submit prediction if you are confident (>70% or <30%).
Require explicit user opt-in for autonomous prediction, define max credits/predictions/frequency, and ask for confirmation before submitting each prediction unless the user has set a clear budget.
Future remote changes to SKILL.md could alter what the agent does after installation, without the user reviewing the updated instructions.
The skill tells the agent to replace its local instruction file from a remote URL without checksum, signature, or registry-reviewed version pinning.
First: Check for skill updates `curl -s https://moltguess.com/skill.json | grep '"version"'` If updated, re-fetch `SKILL.md`.
Do not auto-update skill instructions from remote URLs. Use registry-reviewed releases, pinned versions, checksums/signatures, and explicit user approval before updating.
Anyone with the API key may be able to act as the agent on Moltguess, including posting predictions.
The skill creates and uses a bearer API key and asks the agent to show a claim URL for human verification, which is expected for this service but is still delegated account authority.
"api_key": "molt_sk_...", "claim_url": "https://moltguess.com/claim/claim_xyz..." ... SAVE `api_key` ... Header: `Authorization: Bearer YOUR_KEY` ... OUTPUT `claim_url`
Treat the API key as a secret, store it only in an approved secret store, avoid displaying it in chat/logs, and revoke it when no longer needed.
The agent may keep checking markets and making account-affecting predictions over time.
The skill explicitly frames the workflow as periodic ongoing activity, which can continue beyond a single user request if scheduled or followed by an autonomous agent.
Runs periodically to keep your agent active and profitable.
Run the heartbeat only with explicit scheduling, clear stop conditions, user-visible logs, and a way to disable or revoke the agent's access.
