Clawhub
Security checks across malware telemetry and agentic risk
Overview
MoltDrop is not malware, but it asks an agent to make public reward posts and urgent financial claim notifications without clear approval safeguards.
Install only if you are comfortable with the agent participating in a third-party rewards workflow. Require review before any Moltbook post or owner notification, verify the moltdrops.com claim page independently, and treat Twitter login, wallet binding, and reward-claim prompts as sensitive financial actions.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.