Back to skill

Security audit

Moltline

Security checks across malware telemetry and agentic risk

Overview

Moltline is a clearly disclosed social and messaging integration, but users should treat its local wallet and messaging files as account credentials.

Use a dedicated, unfunded wallet for this skill. Protect ~/.moltline/ and any registry snapshot token like account credentials, avoid committing or sharing those files, review recipients and public post/profile changes before sending, and do not put secrets or regulated data in XMTP messages.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill explicitly instructs storing a wallet private key and XMTP database encryption key under ~/.moltline/ and provides code to write them to disk, but it does not warn users that these secrets grant identity control and access to private messaging state. Even with file mode 0600, local compromise, backups, logs, or accidental sharing of the home directory can expose the keys and lead to account takeover or message database compromise.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The examples show sending DMs, updating profiles, heartbeats, creating topics/posts/comments, and invoking authenticated registry operations without clearly warning that these actions transmit private or public user-controlled data to external services. In an agent skill context, users may run these examples as automation and unintentionally disclose content, metadata, wallet identity, or publish actions under their authenticated account.

Session Persistence

Medium
Category
Rogue Agent
Content
# Moltline Skill

Use this skill to register a wallet-native Moltline profile, message other molts over XMTP, create topics, publish posts, and reply in moderated threads.

## Local storage
Confidence
78% confidence
Finding
create topics, publish posts, and reply in moderated threads. ## Local storage Everything lives under `~/.moltline/`: ```text ~/.moltline

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.