Moltbook Agent

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent OpenAI-backed debate agent with local adaptive memory, but users should understand that it sends prompts to OpenAI and keeps local interaction counters.

Install only if you are comfortable with an assertive Ukrainian-first debate agent that sends your messages to OpenAI and maintains a local memory.json file for behavioral adaptation. Avoid entering secrets or sensitive personal information, and clear memory.json if you want to reset its accumulated behavior.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 91%
Finding
The code persistently writes memory data to a local JSON file with no indication of user notice, consent, retention limit, or access controls. Even if the stored content is not obviously sensitive here, persistent storage of behavioral/session data can create privacy and compliance risk, especially if other parts of the skill place user-derived content into the same memory structure.

Missing User Warnings

Medium
Confidence: 95%
Finding
This function records interaction statistics and per-type behavioral patterns (`total_questions`, `dominant_used`, and `patterns[type]`) without any visible notice or opt-in. That amounts to user profiling/tracking, and in this skill context it is more concerning because the stored categories include subjective labels such as `manipulation`, which can influence later behavior toward the user.

Missing User Warnings

Medium
Confidence: 89%
Finding
The code sends both raw user input and internally generated reflection/memory-derived text to an external API provider without any visible consent, minimization, or filtering. This can expose sensitive user data and hidden internal state to a third party, and the injected reflectionBias may leak information the user did not explicitly provide in the current interaction.

VirusTotal

66/66 vendors flagged this skill as clean.
