moltbook-promotion

Warn

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: MEDIUM
CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill instructs the user to store a Moltbook API key in a local file at ~/.config/moltbook/credentials.json and then reads this file to set environment variables for authentication.
  • [EXTERNAL_DOWNLOADS]: The documentation references the installation of the @lucid-agents/cli tool, which is an official resource provided by the vendor, daydreamsai.
  • [COMMAND_EXECUTION]: The skill uses common shell utilities including curl, grep, cut, and jq to manage credentials and interact with the Moltbook API.
  • [PROMPT_INJECTION]: The skill is designed to ingest and respond to external, untrusted content from the Moltbook API, which introduces a surface for indirect prompt injection.
      • Ingestion points: The agent fetches posts via https://www.moltbook.com/api/v1/posts to generate engagement drafts.
      • Boundary markers: The skill includes a 'Safety Protocol' section that explicitly labels Moltbook content as untrusted and instructs the agent to ignore embedded instructions.
      • Capability inventory: The skill utilizes curl for network requests and shell commands for data parsing; it does not possess capabilities for arbitrary code execution or local file writing beyond its specified promotional purpose.
      • Sanitization: A strict human-in-the-loop policy is enforced, requiring explicit approval for all drafts and prohibiting auto-posting to mitigate the risk of malicious input influencing agent behavior.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 4, 2026, 02:15 PM