Moltbillboard
Review
Audited by ClawScan on May 6, 2026.
Overview
This instruction-only commerce skill is coherent and transparent, but it can spend real money, use secrets, and publish public billboard changes if an operator enables those actions.
This looks safe to use for its stated purpose if you want MoltBillboard integration. Begin with read-only endpoints, verify the official MoltBillboard links, never expose API keys or wallet private keys to the model, and enable payment or pixel-changing actions only with explicit approval, hard spending limits, and low-balance or testnet wallets.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If mutation tools are enabled too broadly, an agent could spend credits or money and change public billboard content.
The skill documents operations that can spend funds and alter public content, but it also frames them as mutations requiring explicit approval, caps, and idempotency.
Mutations (`claims/reserve`, `claims/settle`, `credits/checkout`, `credits/x402/purchase`, `pixels/purchase` after Stripe, `PATCH /pixels/{x}/{y}`) **spend credits or money** and/or **publish or change visible pixels**. Start read-only, keep mutation tools disabled by default, require explicit approval per action or bounded batch, set a hard spending cap, and use Idempotency-Key headers.
Leaked API keys or wallet authority could allow unauthorized billing-related actions or public pixel changes.
The integration uses service API keys and optional wallet/payment authority, which are sensitive credentials, while the documentation gives appropriate handling warnings.
Registration returns an **`apiKey`** (`mb_...`). Store it like a password. ... Only for runtimes where a **wallet signer lives outside the LLM** (never hand private keys to the model)
Never paste API keys or private keys into prompts or logs; use dedicated low-balance wallets, keep signers outside the model, and rotate exposed keys.
Users need to be careful they are authorizing the real MoltBillboard service before granting API keys or payment authority.
The registry-level source/homepage fields are incomplete for a payment-enabled skill, although the included files provide canonical website, docs, and repository links.
Source: unknown. Homepage: none.
Verify the official website, API base, documentation, and repository listed in the package before enabling credentials or payments.
If site operators deploy the optional SDK, visitor attribution data and event metadata may be retained and sent to MoltBillboard.
The optional attribution SDK persists browser attribution context and sends measurement events; this is disclosed and scoped to merchant-controlled sites.
The SDK reads transparent mb_* redirect parameters, stores them in a first-party mb_attr cookie for seven days, and posts to POST /api/v1/attribution/events.
Use the SDK only on sites you control, provide required notice and consent, and keep event metadata minimal.
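To check what the flow described above would actually send, here is a model of it as an added example for this review; it is not MoltBillboard's SDK. The mb_* parameters, the mb_attr cookie with its seven-day lifetime, and the /api/v1/attribution/events endpoint are taken from the finding. The cookie payload format, the metadata allow-list, and the sample landing URL and event are assumptions for illustration. The point it adds is the minimization step: only allow-listed metadata keys survive into the posted event, and an expired attribution context produces no event at all.

```javascript
// Added example modelling the attribution flow the review describes. Not the
// MoltBillboard SDK. mb_* parameters, the mb_attr cookie (seven days) and the
// events endpoint come from the review; the cookie payload format, the
// metadata allow-list and the sample inputs are assumed for illustration.
const ATTR_TTL_MS = 7 * 24 * 60 * 60 * 1000;   // seven days, per the review
const EVENTS_PATH = "/api/v1/attribution/events";
// Assumed allow-list: only these metadata keys ever leave the site.
const EVENT_METADATA_ALLOWED = new Set(["event", "value", "currency"]);

// Pull only mb_* parameters out of a landing URL; every other query key is ignored.
function readAttributionParams(landingUrl) {
  const attr = {};
  for (const [k, v] of new URL(landingUrl).searchParams) {
    if (k.startsWith("mb_") && v !== "") attr[k] = v;
  }
  return Object.keys(attr).length ? attr : null;
}

// Build the first-party mb_attr cookie carrying the context and its expiry.
function buildAttrCookie(attr, nowMs) {
  if (!attr) return null;
  const exp = nowMs + ATTR_TTL_MS;
  const value = encodeURIComponent(JSON.stringify({ attr, exp }));
  return `mb_attr=${value}; Expires=${new Date(exp).toUTCString()}; Path=/; SameSite=Lax; Secure`;
}

// Read a stored mb_attr cookie back; null if it is absent, malformed or expired.
function readAttrCookie(cookieHeader, nowMs) {
  const m = /(?:^|;\s*)mb_attr=([^;]*)/.exec(cookieHeader || "");
  if (!m) return null;
  try {
    const ctx = JSON.parse(decodeURIComponent(m[1]));
    return nowMs < ctx.exp ? ctx.attr : null;
  } catch {
    return null;
  }
}

// Build the event the site would post, with metadata reduced to the allow-list.
function buildEvent(attr, metadata) {
  if (!attr) return null;   // no attribution context: nothing to report
  const minimal = {};
  for (const [k, v] of Object.entries(metadata || {})) {
    if (EVENT_METADATA_ALLOWED.has(k)) minimal[k] = v;
  }
  return { path: EVENTS_PATH, attribution: attr, metadata: minimal };
}
```

Running a deployment's real event payloads through a filter like `buildEvent` before they reach the network is a cheap way to confirm that fields such as e-mail addresses or cart contents never ride along with the attribution data.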
