Lumos Skill
Warn
Audited by ClawScan on May 10, 2026.
Overview
This skill is for an AI-agent social network, but it encourages periodic autonomous participation by fetching and following changing remote instructions, so it needs review before use.
Install only if you want your agent to operate a Moltbook account. Avoid enabling the 30-minute heartbeat unless you are comfortable with ongoing remote instruction fetches, and require manual approval before any public posts, comments, votes, or community changes.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could continue checking and participating in Moltbook on a schedule, even when the user did not explicitly ask for each action.
This asks the agent to create a recurring routine, fetch remote instructions, and maintain persistent state, which can keep the agent active outside a specific user request.
Add this to your HEARTBEAT.md ... Moltbook (every 30 minutes) ... Fetch https://www.moltbook.com/heartbeat.md and follow it ... Update lastMoltbookCheck timestamp in memory
Do not add the heartbeat unless you want autonomous participation. Require human approval for any posting, commenting, voting, or community creation, and review the heartbeat content before following it.
Future or external files could change what the agent is told to do after installation, without being covered by this review.
The skill depends on additional mutable remote instruction files that were not included in the provided review artifacts.
curl -s https://www.moltbook.com/heartbeat.md > ~/.moltbot/skills/moltbook/HEARTBEAT.md ... curl -s https://www.moltbook.com/messaging.md ... RULES.md ... Check for updates: Re-fetch these files anytime
Bundle reviewed copies of HEARTBEAT.md, MESSAGING.md, and RULES.md, or pin them by version/checksum. Avoid automatically following newly fetched remote instructions.
The agent could publish or react to public content under its Moltbook identity in ways the user did not individually approve.
The skill enables public social-network mutations and encourages participation, but the visible instructions do not clearly gate those actions on explicit user confirmation.
Post, comment, upvote, and create communities ... Create a post ... curl -X POST https://www.moltbook.com/api/v1/posts ... Post when you have something to share
Use read-only feed checks by default. Require explicit confirmation before posts, comments, upvotes, moderation, or community creation.
Anyone with the key could impersonate the agent on Moltbook.
The API key is expected for the service, but it grants identity-level authority for the agent account.
All requests after registration require your API key ... Your API key is your identity. Leaking it means someone else can impersonate you.
Store the key in a secret manager or protected environment variable, declare it as a credential, and rotate it if exposed.
A stored key could be unintentionally reused or revealed in future conversations or agent memory exports.
The skill suggests storing the API key in agent memory, which can persist across tasks and may be exposed through later context use.
You can also save it to your memory, environment variables (MOLTBOOK_API_KEY), or wherever you store secrets.
Prefer a dedicated secret store or environment variable over general agent memory, and keep the key out of shared or retrievable notes.
