Nomtiq
Verdict: Warn. Audited by ClawScan on May 10, 2026.
Overview
Nomtiq is mostly a coherent restaurant-finder, but its guide includes an unsafe raw Python execution pattern and an under-disclosed recurring promotion-collection note; both should be reviewed before use.
Review the Python scripts before installing; do not let the agent run the documented python3 -c hidden-menu command with untrusted text; verify that no cron or background promotion collector is installed; and configure API keys or Moltbook sharing only if you are comfortable with the associated external calls and the stored taste profile.
Findings (6)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
1. Raw Python execution with user-supplied text
The hidden-menu workflow asks the agent to build a Python source string containing user-supplied location and city placeholders and execute it with python3 -c. If a crafted location or city is substituted literally, it can close the quoted string and run attacker-chosen Python under the user's agent account.
Evidence: python3 -c "... results = search_fancard(location='[地点]', city='[城市]') ..." (the bracketed placeholders are the Chinese words for "location" and "city")
Recommendation: replace this with a dedicated script or CLI that accepts location and city as argv or JSON arguments; never interpolate user text into a python3 -c string or a shell command.
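The following is an added example, not code from the Nomtiq skill or from the ClawScan report. It reproduces the flagged pattern (user text formatted into a `python3 -c` source string), shows with `ast.parse` how a crafted location value turns one intended statement into several without executing anything, and places the argv-based replacement beside it. `search_fancard` is the function name quoted in the report; its body is not reproduced, and the wrapper file name `search_fancard_cli.py` and the payload are assumptions made for the demonstration.

```python
# Added example, not code from the Nomtiq skill or the ClawScan report.
# `search_fancard` is the name quoted in the report; its body is not shown,
# so generated source is only parsed, never executed. The CLI file name
# `search_fancard_cli.py` and the payload below are assumptions.
import argparse
import ast
from typing import List

# The flagged pattern: user-controlled values dropped straight into Python source.
TEMPLATE = "results = search_fancard(location='{location}', city='{city}')"


def build_unsafe_command(location: str, city: str) -> List[str]:
    """Build the `python3 -c` command the way the guide does (vulnerable)."""
    source = TEMPLATE.format(location=location, city=city)
    return ["python3", "-c", source]


def count_statements(source: str) -> int:
    """Parse (never execute) generated source and count top-level statements.

    The intended command is exactly one statement; anything more means the
    input closed the quoted string and injected its own code.
    """
    return len(ast.parse(source).body)


def build_safe_command(location: str, city: str) -> List[str]:
    """Hardened form: values travel as separate argv entries, never as code."""
    return ["python3", "search_fancard_cli.py",
            "--location", location, "--city", city]


def parse_cli_args(argv: List[str]) -> argparse.Namespace:
    """Receiving side of the hardened form: argparse hands back plain strings."""
    parser = argparse.ArgumentParser(description="hidden-menu search wrapper")
    parser.add_argument("--location", required=True)
    parser.add_argument("--city", required=True)
    return parser.parse_args(argv)


if __name__ == "__main__":
    # Constructed payload: closes the location string, runs arbitrary code,
    # then reopens a call so the rest of the template still parses.
    payload = "Bund'); import os; os.system('id'); x=f('"
    unsafe = build_unsafe_command(payload, "Shanghai")
    print("unsafe source:", unsafe[2])
    print("top-level statements:", count_statements(unsafe[2]))  # 4, not 1
    ns = parse_cli_args(build_safe_command(payload, "Shanghai")[2:])
    print("safe location value:", ns.location)  # payload kept as inert text
```

The same payload that yields four statements in the `-c` form arrives unchanged as the `--location` value in the argv form; nothing the caller types is ever handed to the interpreter as source.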
2. Undisclosed recurring promotion collection
The artifact describes recurring background collection for promotion research, which is not disclosed in the skill's stated purpose and is not needed for restaurant recommendation. If such a cron task is active after installation, it would make recurring network searches and write promotion files without any restaurant-related request from the user.
Evidence (translated from Chinese): "Ongoing: ... Moltbook community operations (already running) ... collect promotion cases every 2 hours (cron already set)"
Recommendation: remove promotion-collection material from the runtime package or mark it clearly as non-runtime development notes, and ensure no cron or background job is installed unless the user explicitly opts in.
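One way to perform the check in this recommendation, as an added example that is not part of the ClawScan report or the Nomtiq skill: scan a user's crontab text for jobs whose command references the skill's install directory or script names. The crontab shown is constructed; the path `/home/me/.skills/nomtiq` and the script name `collect_promotions.py` are assumptions, since the report does not name the collector.

```python
# Added example, not code from the Nomtiq skill or the ClawScan report.
# The crontab text is constructed; the path /home/me/.skills/nomtiq and the
# script name collect_promotions.py are assumptions.
import re
import subprocess
from typing import Iterable, List, Tuple

# Either an @alias (@hourly, @reboot, ...) or five schedule fields, then the command.
CRON_JOB = re.compile(r"^\s*(?P<sched>@\w+|(?:\S+\s+){4}\S+)\s+(?P<cmd>.+)$")

SAMPLE_CRONTAB = """\
PATH=/usr/bin:/bin
# nightly backup set by the user
0 3 * * * /usr/local/bin/backup.sh
0 */2 * * * cd /home/me/.skills/nomtiq && python3 scripts/collect_promotions.py >> /tmp/promo.log 2>&1
@hourly /usr/bin/fstrim -v /
"""


def find_jobs_referencing(crontab_text: str, needles: Iterable[str]) -> List[Tuple[str, str]]:
    """Return (schedule, command) for every job whose command mentions a needle.

    Comments, blank lines and environment assignments (PATH=...) are skipped
    because they carry no command. Matching is a case-insensitive substring
    test so it also catches jobs that cd into the skill directory first.
    """
    needles = [n.lower() for n in needles]
    hits: List[Tuple[str, str]] = []
    for line in crontab_text.splitlines():
        m = CRON_JOB.match(line)
        if not m or line.lstrip().startswith("#"):
            continue
        cmd = m.group("cmd").strip()
        if any(n in cmd.lower() for n in needles):
            hits.append((m.group("sched"), cmd))
    return hits


def current_user_jobs(needles: Iterable[str]) -> List[Tuple[str, str]]:
    """Run `crontab -l` for the current user and scan it; empty if no crontab."""
    proc = subprocess.run(["crontab", "-l"], capture_output=True, text=True)
    if proc.returncode != 0:  # "no crontab for <user>" also exits non-zero
        return []
    return find_jobs_referencing(proc.stdout, needles)


if __name__ == "__main__":
    for sched, cmd in find_jobs_referencing(SAMPLE_CRONTAB, ["nomtiq", "collect"]):
        print(f"{sched}  {cmd}")
```

Run `current_user_jobs(["nomtiq"])` after installing to inspect the live crontab; the user crontab is only one place a background job can hide, so system cron directories, systemd user timers and launchd agents deserve the same look.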
3. Limited source provenance
The skill ships executable Python scripts, but the supplied registry metadata gives little provenance, so users have less context for verifying who maintains the scripts and whether the package matches a public repository.
Evidence: Source: unknown; Homepage: none; Code file presence: 12 code file(s)
Recommendation: inspect the included scripts before use, install only the intended version, and prefer a package with a public source or homepage or otherwise reproducible provenance.
4. Provider API keys
The skill uses provider API keys for map/search services and optional Moltbook sharing. This is purpose-aligned, but it gives the skill access to those providers' quotas and accounts, and the keys may be used for map, search and community API calls tied to the user's restaurant queries.
Evidence: env: AMAP_KEY, SERPER_API_KEY, MOLTBOOK_API_KEY ... external_calls: https://restapi.amap.com ... https://google.serper.dev ... https://www.moltbook.com/api/v1
Recommendation: use scoped or low-quota keys where possible, do not hardcode secrets in shared files, and set the optional Moltbook key only if you want that integration.
5. Persistent taste profile
The skill intentionally stores a persistent taste profile, restaurant history, locale, pending feedback, and companion preferences for future recommendations. Dining history, budget, areas, likes/dislikes, and relationship-context notes therefore persist locally and influence future agent responses.
Evidence: `{baseDir}/data/taste-profile.json` (taste profile + locale)
Recommendation: review and delete the profile files when needed, avoid storing sensitive personal notes, and watch for untrusted text being saved as reusable preference context.
6. Optional sharing to Moltbook
The guide describes optional sharing of recorded restaurants and reviews to the Moltbook service after user consent. When enabled, some restaurant-experience data leaves the local profile and is sent to a third-party community API.
Evidence (translated from Chinese): "Share anonymously to Moltbook to help others find good restaurants? At most 2 per day, fully anonymous, can be turned off at any time."
Recommendation: enable Moltbook only if you are comfortable sharing those records, verify which fields are uploaded, and confirm that opt-out/disable works as described.
