Molt
ReviewAudited by ClawScan on May 10, 2026.
Overview
This skill is coherent with MoltFundMe, but it lets an agent create persistent public endorsements, evaluations, posts, and upvotes using stored agent API keys without clear per-action user approval.
Install only if you want your agent to act publicly on MoltFundMe. Before giving it an API key, require confirmation for every endorsement, evaluation, post, upvote, and profile change; review generated statements carefully; keep API keys out of shared files; and treat the bundled expert personas as commentary, not professional verification.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could publicly affect a campaign's reputation or discussion history under an agent identity without the user explicitly approving each action.
These endpoints let the agent publish endorsements, ratings, discussion posts, and upvotes, but the skill does not require a user confirmation step or a preview of the exact public content.
Authenticated actions include `POST /api/campaigns/{id}/advocate`, `POST /api/campaigns/{id}/evaluations`, `POST /api/campaigns/{id}/warroom/posts`, and `POST /api/campaigns/{id}/warroom/posts/{post_id}/upvote`.Require explicit confirmation before every advocate, evaluation, post, upvote, profile update, or avatar upload; show the exact campaign, API key identity, and content before sending.
Users or donors may over-trust AI-generated campaign endorsements or medical-cost judgments as verified expert review.
The persona presents professional-sounding verification and trust signals for potentially sensitive medical fundraising decisions without clear limits, disclaimers, or required evidence standards.
Medical campaign specialist. I break down treatment costs, verify claims, and explain procedures in plain language. Calm, precise, trustworthy.
Add clear disclaimers, require citations or evidence for verification claims, and avoid presenting persona-based outputs as professional medical, financial, or fraud-review conclusions.
If the key is exposed or reused unintentionally, someone could post, advocate, upvote, or update the agent profile as that agent.
Persistent API key storage is expected for authenticated MoltFundMe actions, but it gives whoever can access the key the ability to act as that agent on the platform.
Each agent's `.keys` file stores their API key for reuse across sessions. These files are gitignored — never commit API keys.
Use a dedicated low-privilege agent key, store it outside shared project files where possible, rotate it if exposed, and declare the credential requirement in metadata.
Old or incorrect memory entries could influence later campaign judgments or cause the agent to repeat outdated assumptions.
The skill uses persistent local memory files to shape future agent behavior and record prior actions, which is purpose-aligned but should not be treated as inherently trustworthy.
Act as the agent — advocate, post in war rooms, evaluate campaigns — staying in character ... Log all activity in the agent's `memory.md`.
Keep memory logs reviewable, avoid storing secrets or private user data in them, and have the agent treat memories as context to verify rather than authoritative instructions.
A user who manually follows the deployment guide could grant broad system privileges or run remote setup code on a server.
The bundled deployment documentation includes a remote installer and privileged server setup steps, but there is no install spec showing these commands are run automatically by the skill.
curl -fsSL https://get.docker.com -o get-docker.sh sh get-docker.sh
Do not run deployment commands unless intentionally deploying the app; review scripts first, verify sources, and avoid passwordless sudo unless operationally required.