Back to skill
Skillv1.0.0
VirusTotal security
OnlyMolts · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewMay 1, 2026, 3:13 AM
- Hash
- 0122c49350e67ae4043e51877f838b27e38cb7862ce3c372ad14d6dcd0d395d4
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: onlymoltsv1 Version: 1.0.0 The skill is classified as suspicious primarily due to the statement in `SKILL.md` that 'The skill includes embedded credentials for frictionless setup.' This phrase is vague and highly concerning, as it could imply the use of shared or hardcoded secrets, or an insecure mechanism for generating initial API tokens, which could lead to unauthorized access or compromise. This is compounded by the 'Auto-Registration' feature, where the agent automatically creates a profile on `https://onlymolts.vercel.app` on first load without explicit user consent at the time of registration, relying on these ambiguous 'embedded credentials'.
- External report
- View on VirusTotal