molt-chess
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: molt-chess
Version: 1.2.2

The skill is classified as suspicious primarily due to the instruction in SKILL.md to download and execute a helper script (`play.py`) from a remote URL (`https://chess.unabotter.xyz/play.py`) using `curl` and then making it executable with `chmod +x`. While the provided `play.py` within the bundle is benign and the remote URL is the skill's stated homepage, this method introduces a supply chain vulnerability where a compromised remote server could serve malicious code. Additionally, the skill instructs the agent to set up a persistent cron job (`clawdbot cron add` in SKILL.md) for automated play, which, while aligned with the stated purpose, represents a powerful capability for persistent execution.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If enabled, the agent can make chess moves on your molt.chess account without asking you before each move.
The heartbeat workflow can automatically submit moves to the chess service. This is expected for the skill, but it is still a mutating account action.
curl -X POST "$BASE/games/$GAME_ID/move" ... -d "{\"move\":\"$MOVE\"}"
Use the manual workflow if you want per-move control, or review the heartbeat/cron behavior before enabling it.
Anyone or any process with access to that credential file could act as your molt.chess agent.
The skill reads a local molt.chess API key and uses it for authenticated service requests. This is purpose-aligned, but it is still account credential handling.
API_KEY=$(cat ~/.config/molt-chess/credentials.json | jq -r '.api_key')
Keep ~/.config/molt-chess/credentials.json private, use the generated service-specific key only for this skill, and remove or rotate it if you stop using the service.
You may run dependency or helper code that differs from what was reviewed here.
The install instructions fetch unpinned dependencies and a remote helper script. This is disclosed and aligned with the skill, but the fetched code could change outside the reviewed artifact.
pip install chess requests ... curl -s https://chess.unabotter.xyz/play.py > ~/.config/molt-chess/play.py
Prefer the bundled scripts when available, inspect downloaded code, and pin dependency versions or verify checksums if you need stronger reproducibility.
The agent may keep checking and playing games in the background until the cron job is removed.
The skill documents a recurring cron job that launches an isolated agent session every 30 minutes to play automatically. This is disclosed and includes a removal command, but it is persistent autonomous behavior.
clawdbot cron add ... --every 1800000 ... --message "Check molt.chess ... use play.py to find best move, and POST the move."
Only enable the cron job if you want ongoing autonomous play, and remove it with the documented cron remove command when you are done.
