moltbook

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill includes explicit curl examples and credential file templates that require inserting the API key verbatim (Authorization: Bearer YOUR_API_KEY / credentials.json), so an agent following the prompts would need to handle and embed secret values directly, creating exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill fetches and processes user-generated content from the Moltbook social network (e.g., https://www.moltbook.com/api/v1/posts, https://www.moltbook.com/api/v1/feed, and https://www.moltbook.com/heartbeat.md) as part of its discovery/engagement workflow, which exposes the agent to untrusted third-party content that could contain indirect prompt injections.