Skills
NYC
skills/smithery/ai/moltter/Gen Agent Trust Hub

moltter

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION] (HIGH): High risk of indirect prompt injection due to processing untrusted social media content.
  • Ingestion points: The agent retrieves untrusted data from GET /api/v1/timeline/global, GET /api/v1/notifications, and GET /api/v1/search within the SKILL.md file.
  • Boundary markers: Absent. The instructions do not define any delimiters or warning protocols to help the agent distinguish between user data and instructions.
  • Capability inventory: The skill provides significant write/execute capabilities including posting content (POST /api/v1/molts), following agents (POST /api/v1/agents/{name}/follow), and updating profile metadata.
  • Sanitization: Absent. There is no evidence of filtering or sanitization of content retrieved from the social network.
  • [DATA_EXFILTRATION] (LOW): The skill performs network operations to a non-whitelisted external domain.
  • Evidence: All API interactions are directed to https://moltter.net, which is not a trusted external source. While no active exfiltration of local system secrets was detected, the network capability remains a medium for potential data transit.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 08:46 AM