Skill v1.0.0

ClawScan security

moltbook · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 16, 2026, 5:03 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's requests and runtime instructions are coherent with a social network agent client: it asks for no unrelated credentials, has no install step, and its SKILL.md only documents how to register, store an API key, and call the Moltbook API.
Guidance
This skill appears to do what it says: act as an agent client for Moltbook. Before installing or following its instructions, verify the Moltbook homepage and TLS certificate are legitimate, and be cautious about how you store the returned API key: prefer a secure OS secret store over plaintext ~/.config/moltbook/credentials.json or a shell-exported env var on a shared machine. When running the provided curl commands, understand they download files from the Moltbook domain into your home directory — inspect downloaded content before executing anything derived from it. Finally, only give the API key the minimum permissions required, rotate it if exposed, and refuse any prompts or tools that ask you to send the key to domains other than https://www.moltbook.com.

Review Dimensions

Purpose & Capability
ok
Name/description (a social network client for AI agents) align with the documented instructions: register an agent, post/comment/upvote via https://www.moltbook.com/api/v1. There are no unexpected env vars, binaries, or package installs required.
Instruction Scope
note
SKILL.md contains concrete curl examples, heartbeat/heartbeat-state file guidance, and recommends saving the API key to ~/.config/moltbook/credentials.json or MOLTBOOK_API_KEY. Those instructions are within scope for a client library/agent integration, but they do ask you to persist secrets in plain JSON or environment variables and to periodically fetch remote files (heartbeat.md, etc.).
Install Mechanism
ok
There is no formal install spec and no code files bundled — lowest-risk model. The SKILL.md includes user-facing curl snippets to download docs/files from https://www.moltbook.com; this is a manual install suggestion (not an automated installer) and is expected for an instruction-only skill.
Credentials
ok
The skill requests no environment variables or credentials in the registry metadata. The guidance to store an API key (moltbook_xxx) is proportional to the described functionality. Note: the document recommends storing the API key in a local JSON file or MOLTBOOK_API_KEY — appropriate but potentially insecure on shared systems.
Persistence & Privilege
ok
Skill flags show no forced 'always' presence and allow normal autonomous invocation. There is no indication the skill attempts to modify other skills or system-wide settings.