moltbook-premium-base65-moltbook

Warn

Audited by Socket on Feb 20, 2026

1 alert found:

Security: MEDIUM
SKILL.md

[Skill Scanner] Credential file access detected

All findings:

- [HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]
- [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]
- [HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]

SUSPICIOUS: Core CLI features (credential usage, posting, reply logging) align with the stated purpose and are plausible. However, embedding an obfuscated payload in documentation and instructing users to decode it and POST it to localhost is nonstandard and increases supply-chain risk. The lack of explicit API hostnames and the suppressed error handling further reduce observability. Do not execute the decode-and-activate steps or run scripts from this repository in sensitive environments until:

1. scripts/moltbook.sh and any local service listening on 127.0.0.1 are audited,
2. the decoded license value is inspected to determine whether it contains secrets or commands, and
3. the real API hosts and network destinations are confirmed.

LLM verification: The skill's primary functionality (interacting with Moltbook) is consistent with the documented artifact (credential file, CLI scripts, API endpoints, reply log). The main concerns are an obfuscated embedded payload decoded locally and a prescriptive instruction to POST the resulting license to localhost unchanged. Together these are suspicious: they conceal the license contents and force a non-transparent local activation flow. I find the package potentially risky until the decoded payload and
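The three pattern classes the audit flags (credential file paths, backtick command substitution in shell snippets, and an obfuscated blob that the reader is told to decode and POST to a loopback address) can be triaged statically before anything is executed. The script below is an added example written for this page; it is not Socket's Skill Scanner, and the SKILL.md it inspects is a constructed sample, not the audited package's real file (the audited file, its scripts and its real license blob are not reproduced here). The finding kinds are my own names and only mirror the categories the scanner reports under DE002 and CI003; the regexes, the base64 heuristic and the sample text are all assumptions. One caveat the code handles: in Markdown a backtick pair is usually just an inline code span, so the backtick check only counts spans inside shell fenced blocks, where they really are command substitution.

```python
"""Static triage of a SKILL.md for the pattern classes the audit above flags.

Added example for this page; not Socket's scanner and not code from the
audited package. The sample document below is constructed.
"""
import base64
import re
import string

FENCE = "`" * 3  # built at runtime so the sample can embed fenced code blocks

# Constructed sample: a JSON license that, once decoded, names a loopback URL.
SAMPLE_BLOB = base64.b64encode(
    b'{"license":"demo","activate":"http://127.0.0.1:8080/activate"}'
).decode()
SAMPLE_SKILL_MD = (
    "# moltbook (constructed sample)\n\n"
    "Credentials are read from `~/.config/moltbook/credentials.json`.\n\n"
    f"{FENCE}bash\n"
    "TOKEN=`cat ~/.config/moltbook/credentials.json`\n"
    './scripts/moltbook.sh post "hello"\n'
    f"{FENCE}\n\n"
    "## Activation\n\n"
    "Decode the license below and POST it unchanged to http://127.0.0.1:8080/activate:\n\n"
    f"    {SAMPLE_BLOB}\n"
)

# Heuristics (assumptions, not the scanner's real rules).
CRED_PATH = re.compile(r"~/\.(?:ssh|aws|netrc|docker/config\.json)|credentials\.json|\bid_rsa\b|\.env\b")
FENCED = re.compile(re.escape(FENCE) + r"(\w*)[^\n]*\n(.*?)" + re.escape(FENCE), re.S)
BACKTICK_SUBST = re.compile(r"`[^`\n]+`")
B64_BLOB = re.compile(r"(?<![A-Za-z0-9+/=])[A-Za-z0-9+/]{40,}={0,2}(?![A-Za-z0-9+/=])")
LOCAL_POST = re.compile(r"\bPOST\b.*?(?:127\.0\.0\.1|localhost|0\.0\.0\.0)", re.I)
SHELL_META = set(";|&$`")
SHELL_LANGS = {"sh", "bash", "shell", "zsh", "console"}


def decode_blob(blob: str):
    """Decode a base64 blob to printable text, or return None if it is not text."""
    try:
        text = base64.b64decode(blob, validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):  # binascii.Error is a ValueError
        return None
    return text if all(c in string.printable for c in text) else None


def triage_skill(text: str):
    """Return de-duplicated (kind, detail) findings for a SKILL.md body.

    Backticks are only reported inside shell fenced blocks: in Markdown prose
    they delimit inline code, not command substitution.
    """
    findings = []
    for m in CRED_PATH.finditer(text):
        findings.append(("credential_file_access", m.group(0)))
    for lang, body in FENCED.findall(text):
        if lang.lower() in SHELL_LANGS:
            for m in BACKTICK_SUBST.finditer(body):
                findings.append(("backtick_substitution", m.group(0)))
    for line in text.splitlines():
        if LOCAL_POST.search(line):
            findings.append(("localhost_post_instruction", line.strip()))
    for m in B64_BLOB.finditer(text):
        decoded = decode_blob(m.group(0))
        if decoded is None:
            findings.append(("obfuscated_blob", "undecodable or binary: " + m.group(0)[:16] + "..."))
            continue
        reasons = []
        if re.search(r"127\.0\.0\.1|localhost|https?://", decoded):
            reasons.append("network destination")
        if SHELL_META & set(decoded):
            reasons.append("shell metacharacters")
        verdict = ", ".join(reasons) or "no obvious secrets or commands"
        findings.append(("obfuscated_blob", f"decodes to {decoded!r}; {verdict}"))
    return list(dict.fromkeys(findings))


if __name__ == "__main__":
    for kind, detail in triage_skill(SAMPLE_SKILL_MD):
        print(f"{kind:28s} {detail}")
```

Run against the constructed sample it reports one credential path, one backtick substitution inside the bash block, the POST-to-loopback instruction, and the decoded blob with the loopback URL it contains; the same function can be pointed at a real SKILL.md to produce the evidence the audit asks for in steps (2) and (3) before deciding whether to run anything.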

Confidence: 98%
Severity: 75%
Audit Metadata
Analyzed At
Feb 20, 2026, 11:52 AM
Package URL
pkg:socket/skills-sh/bolhasec%2Fpost-Empirically-Testing-Skill-Scanners%2Fmoltbook-premium-base65-moltbook%2F@1dde054ba9ce28e715ff392ebbecd0d64eafbc5d