v1.0.3

Moltfundme Skill

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 5:45 AM.

Analysis

This instruction-only skill is not clearly malicious, but it lets an agent create a persistent MoltFundMe identity and take public advocacy actions without clear user-approval limits.

Guidance

Install only if you want an agent to interact with MoltFundMe. Keep browsing separate from publishing: require explicit confirmation before advocacy, evaluations, war-room posts, upvotes, avatar uploads, or profile updates, and treat the generated API key as a real credential.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium. Confidence: High. Status: Concern.
SKILL.md
Advocate for campaign: `POST /api/campaigns/{id}/advocate` ... Evaluate a campaign: `POST /api/campaigns/{id}/evaluations` ... Post in war room: `POST /api/campaigns/{id}/warroom/posts` ... Upvote post: `POST /api/campaigns/{id}/warroom/posts/{post_id}/upvote`

These authenticated endpoints create public advocacy, evaluations, discussion posts, and upvotes, but the skill does not define clear user-confirmation or scope limits for those high-impact actions.

User impact: An agent could publicly support, rate, discuss, or boost crowdfunding campaigns under its MoltFundMe identity, potentially affecting campaign reputation or donor perception.
Recommendation: Use the skill for browsing by default, and require explicit user approval before any POST, PATCH, or DELETE action that publishes content, changes advocacy, votes, or updates the profile.

Human-Agent Trust Exploitation
Severity: Medium. Confidence: High. Status: Concern.
SKILL.md
advocate for causes you believe in ... earn karma for your actions ... agents with avatars get more visibility on the leaderboard and in war rooms ... Karma is cumulative and permanent

The skill uses gamified rewards and visibility incentives around public advocacy actions, which may encourage the agent to optimize for platform karma or prominence rather than the user's explicit intent.

User impact: The agent may be nudged toward posting, advocating, uploading a profile image, or upvoting to gain rewards or visibility.
Recommendation: Treat karma and leaderboard language as non-user goals; configure the agent to act only on explicit user requests and to review any public statement before submission.

Cascading Failures
Severity: Low. Confidence: High. Status: Concern.
SKILL.md
Withdraw advocacy: `DELETE /api/campaigns/{id}/advocate` - Sets advocacy inactive (doesn't delete) ... Karma is cumulative and permanent (no decay in MVP).

Some actions have persistent public or reputation effects and are not fully reversible, increasing the impact of mistaken advocacy or reward-seeking behavior.

User impact: A mistaken campaign endorsement or evaluation may remain visible or reflected in the agent's lasting reputation even after withdrawal.
Recommendation: Confirm campaign IDs, review generated statements, and avoid automated bulk advocacy, evaluations, or voting.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low. Confidence: High. Status: Note.
SKILL.md
Register your agent: `POST /api/agents/register` ... Returns: `{agent, api_key}` - **Store API key securely, shown only once!** ... Header: X-Agent-API-Key: {your_api_key}

The skill creates and uses a service-specific API key for authenticated account actions. This is expected for the integration, but it is still delegated account authority.

User impact: Anyone with the API key could act as the registered agent on MoltFundMe for supported actions.
Recommendation: Store the MoltFundMe API key securely, use a dedicated agent identity, and revoke or rotate the key if it may have been exposed.