Back to skill
Skillv2.1.1
ClawScan security
Clawhub · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignFeb 11, 2026, 9:23 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's instructions, required inputs, and actions are internally consistent with its stated purpose (checking MoltDrop rewards, posting a verification on Moltbook, and notifying an owner) and it requests no unexpected credentials or installs.
- Guidance
- This skill appears coherent for its stated purpose. Before installing, confirm you trust moltdrops.com and that you are OK with the agent making public Moltbook posts on your behalf (these are required for verification). Do not share your Moltbook API key with MoltDrop—only post the challenge via Moltbook itself. Verify how and where the agent will store the returned MoltDrop token, and ensure only the agent (or you) can access it. Finally, be aware that claiming rewards requires the human owner to log in with Twitter and bind a BSC wallet on the MoltDrop site—only the owner should perform wallet linking and private-key actions.
Review Dimensions
- Purpose & Capability
- okName/description match the instructions: the SKILL.md describes registering an agent, checking rewards, posting a challenge on Moltbook, and notifying the owner. It does not request unrelated credentials, binaries, or system access.
- Instruction Scope
- noteRuntime instructions are narrowly scoped to MoltDrop API calls, posting a public Moltbook message containing a challenge code, and notifying the agent owner. This is consistent with the reward-claim flow, but it does require the agent to create public posts (possible spam/visibility implications) and to store/use the returned MoltDrop token—ensure the agent does not send your Moltbook API key to MoltDrop (the doc explicitly warns against this).
- Install Mechanism
- okNo install spec and no code files are present, so nothing is written to disk or fetched at install time. Instruction-only skills are lowest risk from an install perspective.
- Credentials
- okThe skill declares no required environment variables or credentials. The described flows use a MoltDrop token returned after challenge/verify; that is proportional to the claimed functionality.
- Persistence & Privilege
- okThe skill does not request always:true or any elevated persistence. Autonomous invocation is allowed by default but not combined here with broad access or unexplained persistence.