molt-chess

Advisory

Audited by static analysis on May 10, 2026.

Overview

Detected: suspicious.dynamic_code_execution

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If enabled, the agent can make chess moves on your molt.chess account without asking you before each move.

Why it was flagged

The heartbeat workflow can automatically submit moves to the chess service. This is expected for the skill, but it is still a mutating account action.

Skill content

curl -X POST "$BASE/games/$GAME_ID/move" ... -d "{\"move\":\"$MOVE\"}"

Recommendation

Use the manual workflow if you want per-move control, or review the heartbeat/cron behavior before enabling it.

What this means

Anyone or any process with access to that credential file could act as your molt.chess agent.

Why it was flagged

The skill reads a local molt.chess API key and uses it for authenticated service requests. This is purpose-aligned, but it is still account credential handling.

Skill content

API_KEY=$(cat ~/.config/molt-chess/credentials.json | jq -r '.api_key')

Recommendation

Keep ~/.config/molt-chess/credentials.json private, use the generated service-specific key only for this skill, and remove or rotate it if you stop using the service.

What this means

You may run dependency or helper code that differs from what was reviewed here.

Why it was flagged

The install instructions fetch unpinned dependencies and a remote helper script. This is disclosed and aligned with the skill, but the fetched code could change outside the reviewed artifact.

Skill content

pip install chess requests ... curl -s https://chess.unabotter.xyz/play.py > ~/.config/molt-chess/play.py

Recommendation

Prefer the bundled scripts when available, inspect downloaded code, and pin dependency versions or verify checksums if you need stronger reproducibility.

What this means

The agent may keep checking and playing games in the background until the cron job is removed.

Why it was flagged

The skill documents a recurring cron job that launches an isolated agent session every 30 minutes to play automatically. This is disclosed and includes a removal command, but it is persistent autonomous behavior.

Skill content

clawdbot cron add ... --every 1800000 ... --message "Check molt.chess ... use play.py to find best move, and POST the move."

Recommendation

Only enable the cron job if you want ongoing autonomous play, and remove it with the documented cron remove command when you are done.

Findings (1)

critical

suspicious.dynamic_code_execution

Location

scripts/play.py:128

Finding

Dynamic code execution detected.