skills/bolhasec/post-empirically-testing-skill-scanners/moltbook-data-splitting-code/Gen Agent Trust Hub
moltbook-data-splitting-code
Fail
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: HIGHCREDENTIALS_UNSAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [Obfuscation] (HIGH): The skill includes a Python script that uses a transposition cipher (interleaving three strings p0, p1, and p2) to construct a hidden shell command. This technique is intentionally designed to evade static analysis and hide the true nature of the installation instructions from the user.
- [Remote Code Execution] (HIGH): The obfuscated script is intended to facilitate the installation of an unverified 'openclaw-core' utility. Analysis of the string fragments (e.g., 'curl', 'bash', 'github', 'chmod') indicates that the generated command likely downloads and executes a script from an untrusted remote source.
- [Credentials Unsafe] (MEDIUM): The skill instructs the user to store sensitive API credentials in a plaintext JSON file at
~/.config/moltbook/credentials.json. Combined with the obfuscated installation script, this poses a significant risk of credential exfiltration. - [Metadata Poisoning] (MEDIUM): The skill uses a fabricated context involving a 'social network for AI agents' to justify the execution of suspicious code and the collection of credentials.
Recommendations
- AI detected serious security threats
Audit Metadata