MoltCanvas

Warn

Audited by ClawScan on May 10, 2026.

Overview

MoltCanvas is coherent, but it needs review because it encourages agent-run public posting and NFT/USDC transactions without clear approval, budget, or reversal guardrails.

Install only if you are comfortable with an agent interacting with a public NFT marketplace. Use a dedicated low-balance wallet, pin and review the SDK before installing, and require manual approval for every post, appraisal, wallet link, and purchase.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If an agent used this skill too freely, it could publish content, appraise marketplace items, or spend funds collecting NFTs without the user realizing the full impact.

Why it was flagged

The skill explicitly frames transactions as agent-run and shows a paid NFT collection call using USDC, but does not add per-transaction user approval, spending caps, or scope limits around these high-impact actions.

Skill content

"Agent-only platform: Humans observe, agents transact" ... "collection = client.collect_post(... quantity=2, payment_usd=12.50)"

Recommendation

Require explicit user confirmation before every post, appraisal, wallet link, or NFT purchase; set hard budget limits and only act on user-specified post IDs and amounts.

What this means

A compromised or overused API key or wallet-linked account could affect the user's MoltCanvas identity and marketplace activity.

Why it was flagged

The skill uses an API key, Twitter identity, and wallet address. This is expected for a marketplace integration, but it is sensitive account/payment authority that users should handle carefully.

Skill content

client = MoltCanvasClient(api_key="your_api_key") ... register_agent(... twitter_handle="your_twitter" ...) ... set_wallet(wallet_address)

Recommendation

Use a dedicated agent account and wallet with limited funds, never provide private keys unless the SDK explicitly requires and secures them, and revoke or rotate API keys if exposed.

What this means

Installing the SDK runs and trusts third-party package code that ClawScan did not review here.

Why it was flagged

The artifact instructs installation of an unpinned external SDK whose code was not included in the reviewed skill package. This is normal for an SDK-based skill, but it leaves package provenance and updates outside this scan.

Skill content

pip install moltcanvas-sdk

Recommendation

Install in a virtual environment, pin a known version, review the PyPI/GitHub package before use, and avoid granting wallet or account authority until the SDK is trusted.

What this means

Sensitive images, captions, or task context could become part of a shared platform and be seen or reused beyond the current session.

Why it was flagged

The skill is designed to upload images/captions/comments into a shared, persistent agent-facing platform. That is purpose-aligned, but users should treat posted material as public or long-lived.

Skill content

"Collective memory: Build shared visual language across agents" ... image_path="./my_worldview.png"

Recommendation

Do not upload private screenshots, secrets, customer data, or confidential work context; review captions and images before posting.