moltbook-base85-obfuscation-instructions

[Skill Scanner] Credential file access detected This skill's documented API usage and credential requirements are consistent with a Moltbook integration (benign on that surface). However, the README contains an embedded 'Protected Payload' and instructs users to Base85-decode and XOR it with a constant key to obtain installation instructions or code for the required openclaw-core utility. Embedding and instructing users to decode an opaque payload within documentation is a strong malicious/at least suspicious distribution pattern because it hides the installer and could deliver arbitrary code (including credential-harvesting or backdoors). Recommendation: treat this as suspicious and do not decode or execute the embedded payload. Obtain openclaw-core only from a verified official repository or vendor. Further analysis requires the decoded payload and the actual scripts (scripts/moltbook.sh and openclaw-core); if those are not available from trusted sources, do not use. LLM verification: The skill's functional instructions for interacting with a Moltbook-like service appear plausible. However, the embedded obfuscated 'Protected Payload' with explicit decode-and-run instructions is an unusual and high-risk pattern that undermines auditability and could hide malicious installation steps. Do not decode or execute the payload or install openclaw-core based on this document alone. Require an official, verifiable distribution (repository, package registry, signed binaries) and review