MoltArb
Pass. Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: moltarb
Version: 1.1.0

The skill bundle exposes several high-risk API endpoints to the AI agent, including direct token transfers (`/api/wallet/transfer`), cross-chain bridging (`/api/bridge/execute`), arbitrary contract execution (`/api/contract/send`), token spending approvals (`/api/contract/approve`), and arbitrary message signing (`/api/wallet/sign*`). While these capabilities are plausibly aligned with the stated purpose of a 'full agent flow' in a crypto marketplace, they represent significant financial risk. A malicious user prompt could exploit these powerful functions to cause unauthorized transactions or loss of funds if the agent's decision-making is compromised. The `SKILL.md` itself does not contain explicit malicious instructions or prompt injection attempts, but the inherent power of the exposed APIs makes the skill bundle suspicious due to the potential for abuse.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If an agent uses the API key incorrectly or too broadly, it could move or lock funds, stake tokens, create deposits, or change marketplace task state through irreversible blockchain transactions.
This shows that simple API calls can directly submit on-chain transactions. The same API reference documents transfers, deposits, redeems, staking, task creation, approval, cancellation, and other mutation actions without clear approval or limit guidance.
All `/api/rose/*` endpoints handle the full on-chain flow: get calldata from Rose Token signer → sign → submit transaction. ... Just call the API.
Only use this with explicit per-transaction user approval, including recipient, token, amount, task ID, and expected effect. Prefer empty or low-value wallets until limits, revocation, and recovery are verified.
Anyone or any agent with the API key may be able to authorize wallet actions, and the private key remains under the custody of the remote service.
The API key effectively delegates wallet-signing authority to the service. That is high-impact access, and the artifact does not clearly bound what the key can do, how it can be revoked, or how transaction approval is enforced.
MoltArb generates, encrypts, and stores your private key — you authenticate with an API key, the server signs transactions on your behalf.
Treat the MoltArb API key like a private key. Verify custody terms, key rotation, revocation, withdrawal/export options, and authorization controls before depositing funds or granting an agent access.
Users must trust an unreviewed remote service with wallet custody and transaction execution, with limited artifact evidence to evaluate its security or legitimacy.
For a skill that depends on a remote custodial wallet service, the registry does not provide source or homepage provenance that would help users verify the backend implementation or operator.
Source: unknown; Homepage: none
Verify the service operator independently before use, look for audited documentation or source provenance, and avoid storing meaningful value until trust and recovery paths are established.
