Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
MoltyRoyale
v1.5.0 · operate a molty royale agent — onboarding, joining free/paid rooms, playing the game loop, and managing rewards. use when an agent needs to run, manage, or t...
⭐ 0 · 35 · 0 current · 0 all-time
by @nexus
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Suspicious
high confidence
Purpose & Capability
The top-level purpose is 'operate a molty royale agent', but the bundle also contains full Cross Forge trading docs, an x402 payment integration, and a Forge token-deployer (including a deploy-token.js implementation). Those capabilities (deploying tokens, running DEX trades, calling payment gateways) are outside the core game-agent purpose and would require credentials and wallet access that are not justified by the stated goal.
Instruction Scope
Runtime instructions direct the agent to read/write a local context file (~/.molty-royale/molty-royale-context.json), open persistent websockets/HTTP sessions to cdn.moltyroyale.com, and self-update by downloading skill files from https://www.moltyroyale.com. Separate files embed explicit instructions and code to deploy tokens and interact with RPCs and sign transactions. The instructions also reference X-API-Key, EVM_PRIVATE_KEY, CLIENT_KEY/CLIENT_SECRET and examples that use private keys — none of which are declared in the skill requirements.
Install Mechanism
Although the skill is instruction-only (no package install spec), the heartbeat/skills instructions direct the agent to curl remote files and write them into ~/.molty-royale/skills, which effectively enables remote updates of on-disk code. The remote domains (cdn.moltyroyale.com and www.moltyroyale.com) are not standard package hosts, and skill.json lists 'curl' as a required binary, contradicting the registry metadata; self-updating from remote HTTP(S) downloads is a high-risk persistence/update mechanism.
Credentials
Registry metadata shows no required env vars, but the runtime docs and examples clearly expect several secrets: X-API-Key for game API, EVM_PRIVATE_KEY (x402), --private-key in cast examples, CLIENT_KEY/CLIENT_SECRET for the deploy API, and other wallet-related values. Requesting private keys or client secrets is disproportionate for a pure game-play skill unless the user intends integrated trading/token features — this mismatch is not declared or justified in the main description.
Persistence & Privilege
The skill will create and update files under ~/.molty-royale (context JSON, skills files) and may create temporary wallets via embedded deploy scripts. It does not request 'always: true' and does not claim to change other skills' configs, but the self-update behavior and local file writes mean it can persist code and state on the host.
What to consider before installing
This package contains a coherent game-agent runtime but also bundles unrelated financial tooling (token deployer, DEX trading, x402 purchase flows) and includes self-update instructions that download and overwrite local skill files. Before installing or running:
1) Confirm you trust https://www.moltyroyale.com and cdn.moltyroyale.com to deliver code (remote updates can change behavior).
2) Do not provide private keys, CLIENT_KEY/CLIENT_SECRET, or other secrets unless you explicitly need token-deploy/trading features and trust the code; these credentials are referenced in examples but not declared up front.
3) If you only want a game bot, ask the publisher to strip out deploy/trading docs or provide a version that does not perform remote self-updates or include token deployment instructions.
4) Run in a sandboxed environment first (no real wallets, use testnet keys), review any downloaded files before execution, and insist on explicit required-env declarations from the author.
If you cannot verify the publisher or domain, treat it as high risk and avoid supplying private keys or enabling the deploy/trading flows.
Like a lobster shell, security has layers — review code before you run it.
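A pre-install check in the spirit of items 2 and 4 above, written for this page as an added example; it is not ClawHub's scanner and not code from the MoltyRoyale skill. It reads the bundle's skill.json for declared env vars and binaries (a hypothetical `requires` schema with `env` and `bin` lists, adjust the keys to the real one), then scans every other file for the secret tokens, curl/wget fetches from remote hosts, home-directory writes and undeclared binaries that the scan describes, and refuses the bundle if secrets are undeclared or code is fetched from a host outside an allowlist. The sample bundle it audits is constructed to mirror those findings; its file paths and contents are not the real package.

```python
"""Audit a skill bundle against its own skill.json before installing it."""
import json
import re
import tempfile
from pathlib import Path
from urllib.parse import urlparse

# Secret-bearing tokens named in the scan; extend for other bundles.
SECRET_TOKENS = ("X-API-Key", "EVM_PRIVATE_KEY", "CLIENT_KEY",
                 "CLIENT_SECRET", "--private-key")
# A curl/wget invocation followed on the same line by a remote URL.
FETCH_RE = re.compile(r"\b(?:curl|wget)\b[^\n]*?(https?://[^\s'\"]+)")
# Redirection or -o/--output pointing under the home directory (persistence).
HOME_WRITE_RE = re.compile(r"(?:>>?|--output|-o)\s*['\"]?(~/[^\s'\"]+)")
# Binaries whose use must be declared in skill.json.
BIN_RE = re.compile(r"\b(curl|wget|cast)\b")


def normalize(token: str) -> str:
    """'--private-key' -> 'PRIVATE_KEY', 'X-API-Key' -> 'X_API_KEY'."""
    return token.strip("-").replace("-", "_").upper()


def load_declared(bundle: Path) -> dict:
    # Hypothetical schema: {"requires": {"env": [...], "bin": [...]}}
    req = json.loads((bundle / "skill.json").read_text()).get("requires", {})
    return {"env": {normalize(e) for e in req.get("env", [])},
            "bin": set(req.get("bin", []))}


def audit_bundle(bundle: Path, allowed_hosts: frozenset = frozenset()) -> dict:
    """Return sets of (file, item) pairs for each class of mismatch."""
    declared = load_declared(bundle)
    findings = {"undeclared_secrets": set(), "remote_fetches": set(),
                "home_writes": set(), "undeclared_bins": set()}
    for path in sorted(bundle.rglob("*")):
        if not path.is_file() or path.name == "skill.json":
            continue
        text = path.read_text(errors="replace")
        rel = path.relative_to(bundle).as_posix()
        for tok in SECRET_TOKENS:  # secret referenced but never declared
            if tok in text and normalize(tok) not in declared["env"]:
                findings["undeclared_secrets"].add((rel, tok))
        for m in FETCH_RE.finditer(text):  # code/docs pulled from the network
            if (urlparse(m.group(1)).hostname or "") not in allowed_hosts:
                findings["remote_fetches"].add((rel, m.group(1)))
        for m in HOME_WRITE_RE.finditer(text):  # on-disk persistence
            findings["home_writes"].add((rel, m.group(1)))
        for m in BIN_RE.finditer(text):  # binary used but not declared
            if m.group(1) not in declared["bin"]:
                findings["undeclared_bins"].add((rel, m.group(1)))
    return findings


def is_high_risk(findings: dict) -> bool:
    """Undeclared secrets or un-allowlisted remote fetches: do not install."""
    return bool(findings["undeclared_secrets"] or findings["remote_fetches"])


# Constructed sample files mirroring the scan's description (not the real bundle).
SAMPLE_FILES = {
    "SKILL.md": (
        "# Heartbeat\n"
        "Refresh skills: curl -fsSL https://cdn.moltyroyale.com/skills/heartbeat.md "
        "-o ~/.molty-royale/skills/heartbeat.md\n"
        "Send the X-API-Key header on every game API call.\n"
    ),
    "docs/x402.md": "Set EVM_PRIVATE_KEY before running the purchase flow.\n",
    "docs/forge.md": "cast send --private-key $EVM_PRIVATE_KEY 0xRouter 'swap()'\n",
    "docs/deploy-token.js": "const secret = process.env.CLIENT_SECRET; // deploy API auth\n",
}


def build_sample_bundle(root: Path, declared_env: tuple = ()) -> Path:
    """Write the sample bundle; declared_env is what skill.json admits to needing."""
    meta = {"name": "molty-royale", "version": "1.5.0",
            "requires": {"env": list(declared_env), "bin": ["curl"]}}
    (root / "skill.json").write_text(json.dumps(meta))
    for rel, body in SAMPLE_FILES.items():
        target = root / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(body)
    return root


def run_sample_audit(allowed_hosts: frozenset = frozenset(),
                     declared_env: tuple = ()) -> dict:
    with tempfile.TemporaryDirectory() as tmp:
        return audit_bundle(build_sample_bundle(Path(tmp), declared_env), allowed_hosts)


if __name__ == "__main__":
    result = run_sample_audit()
    for kind, items in result.items():
        for rel, item in sorted(items):
            print(f"{kind:20} {rel}: {item}")
    print("verdict:", "HIGH RISK" if is_high_risk(result) else "ok")
```

Running it as-is reproduces the scan's picture: five secret references with nothing declared, one remote fetch, one write under ~/.molty-royale and an undeclared `cast` binary. Re-running with the publisher's domain allowlisted and the env vars actually declared in skill.json (the declaration item 4 asks for) clears the verdict, which is the point: the mismatch between metadata and runtime instructions, not the game logic, is what makes this bundle high risk.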
latest: vk97dwcpsxd1fxsph8yyvqx8sah84rw6e
