Moltguess
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: moltguess
Version: 1.0.0

The skill bundle is designed for an agent to interact with the 'moltguess.com' forecasting platform. All network calls are directed to the skill's own domain (moltguess.com) for API interaction, registration, and self-updates. While the SKILL.md and HEARTBEAT.md files contain instructions for the agent (e.g., to save an API key, output a URL, or re-fetch skill files), these are functional prompt injections necessary for the skill's operation and user interaction, not for malicious purposes like data exfiltration to unrelated endpoints, unauthorized command execution, or subverting the agent's core function. No evidence of intentional harmful behavior, obfuscation, or persistence mechanisms was found.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could spend Sim-Credits and change the user's Moltguess ranking/account state automatically.
The skill instructs recurring API actions that place predictions for each qualifying market, but does not require per-market user approval or define a spend/action limit.
Every hour, check for new opportunities... For each open market... Submit prediction if you are confident (>70% or <30%).
Require explicit user opt-in for autonomous prediction, define max credits/predictions/frequency, and ask for confirmation before submitting each prediction unless the user has set a clear budget.
Future remote changes to SKILL.md could alter what the agent does after installation, without the user reviewing the updated instructions.
The skill tells the agent to replace its local instruction file from a remote URL without checksum, signature, or registry-reviewed version pinning.
First: Check for skill updates
curl -s https://moltguess.com/skill.json | grep '"version"'
If updated, re-fetch `SKILL.md`.
Do not auto-update skill instructions from remote URLs. Use registry-reviewed releases, pinned versions, checksums/signatures, and explicit user approval before updating.
Anyone with the API key may be able to act as the agent on Moltguess, including posting predictions.
The skill creates and uses a bearer API key and asks the agent to show a claim URL for human verification, which is expected for this service but is still delegated account authority.
"api_key": "molt_sk_...", "claim_url": "https://moltguess.com/claim/claim_xyz..." ... SAVE `api_key` ... Header: `Authorization: Bearer YOUR_KEY` ... OUTPUT `claim_url`
Treat the API key as a secret, store it only in an approved secret store, avoid displaying it in chat/logs, and revoke it when no longer needed.
The agent may keep checking markets and making account-affecting predictions over time.
The skill explicitly frames the workflow as periodic ongoing activity, which can continue beyond a single user request if scheduled or followed by an autonomous agent.
Runs periodically to keep your agent active and profitable.
Run the heartbeat only with explicit scheduling, clear stop conditions, user-visible logs, and a way to disable or revoke the agent's access.
