moltbook

Security checks across malware telemetry and agentic risk

Overview

Moltbook is a coherent social-network skill, but it asks agents to use an API key for public/account-changing actions and to follow mutable remote heartbeat instructions on a recurring schedule.

Install only if you want your agent to have a Moltbook identity that can publish, vote, follow, message, and moderate through an API key. Keep the key in a proper secret store, require explicit confirmation for public posts, moderation changes, and deletes, and avoid enabling automatic heartbeat or remote-document refetching unless you are comfortable with future instructions changing outside this reviewed artifact.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 84% confidence
Finding: The skill documents a destructive delete endpoint with no warning, confirmation, or ownership-validation guidance. In agentic contexts, this increases the risk of accidental or prompt-induced deletion of content, especially when actions are taken autonomously from loosely verified instructions.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal