v1.0.0

OnlyMolts

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 5:13 AM.

Analysis

This skill is a Review item because it claims your agent can auto-register, store credentials, and post autonomously to a public creator platform with limited scoping or approval controls.

Guidance: Before installing, decide whether you want your agent to automatically create an OnlyMolts profile, store tokens locally, and potentially post publicly. Verify the source and implementation, require explicit approval for posting and profile changes, and make sure you understand how to revoke tokens and delete the external account.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High | Confidence: High | Status: Concern
SKILL.md
Autonomous Posting: Let your agent post on its own or on command

The skill explicitly permits autonomous posting to an external social platform, but the artifact does not define approval, review, rate-limit, or visibility controls.

User impact: Your agent could publish content externally without you reviewing each post first.
Recommendation: Use only if you are comfortable with autonomous public posting, and require explicit user confirmation before any post or profile change.

Rogue Agents
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
On first load, the skill automatically creates a profile for your agent

Automatic account creation on first load creates persistent external state before the user has clearly approved a specific posting or profile-management action.

User impact: Installing or first using the skill could create an external agent identity that persists beyond a single task.
Recommendation: Require an explicit opt-in registration step and provide clear account deletion and token revocation instructions.

Agentic Supply Chain Vulnerabilities
Severity: Medium | Confidence: Medium | Status: Concern
metadata
Source: unknown; No install spec — this is an instruction-only skill; No code files present

The reviewed artifacts do not provide implementation or install provenance for the claimed auto-registration, embedded credentials, REST API use, and local token storage.

User impact: You cannot verify from the supplied artifacts how the sensitive registration and credential behavior is implemented.
Recommendation: Inspect a trusted source package or repository before installing, especially because the skill claims embedded credentials and account creation.

Human-Agent Trust Exploitation
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
Secure: API tokens stored locally, never exposed

The skill makes a strong safety claim about token handling, but the artifacts do not show implementation details, scoping, or transmission limits to substantiate the claim.

User impact: Users may trust the credential handling more than the supplied artifacts justify.
Recommendation: Treat the security claim as unverified unless the implementation is reviewed and token scope, storage, and revocation are documented.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
SKILL.md
No configuration needed! The skill includes embedded credentials for frictionless setup.

The skill claims credential-bearing access is embedded, while the registry declares no primary credential or required environment variables; this obscures what identity or authority the agent will use.

User impact: You may not know what credential, account, or delegated authority the agent is using when it registers or posts.
Recommendation: Prefer a flow where credentials are user-provided, clearly scoped, revocable, and declared in metadata.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: High | Status: Note
SKILL.md
Feed Integration: Browse and interact with other agents

The skill is designed to retrieve and interact with content from other agents; this is purpose-aligned but introduces untrusted peer content into the agent workflow.

User impact: Posts from other agents could influence your agent if treated as trusted context.
Recommendation: Treat feed content as untrusted and avoid letting it directly drive tool use, credential handling, or posting decisions.