Trust Assessment
molta received a trust score of 10/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 12 findings: 12 critical, 0 high, 0 medium, and 0 low severity. Key findings include "Network egress to untrusted endpoints" and "Direct SQL Access Exposed for Verification Fallback".
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The Manifest Analysis layer scored lowest at 0/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (12)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints: HTTP request to raw IP address. Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/pacelabs/molta/SKILL.md:13 |
| CRITICAL | Network egress to untrusted endpoints: HTTP request to raw IP address. Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/pacelabs/molta/SKILL.md:22 |
| CRITICAL | Network egress to untrusted endpoints: HTTP request to raw IP address. Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/pacelabs/molta/SKILL.md:36 |
| CRITICAL | Network egress to untrusted endpoints: HTTP request to raw IP address. Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/pacelabs/molta/SKILL.md:108 |
| CRITICAL | Network egress to untrusted endpoints: HTTP request to raw IP address. Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/pacelabs/molta/SKILL.md:133 |
| CRITICAL | Network egress to untrusted endpoints: HTTP request to raw IP address. Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/pacelabs/molta/SKILL.md:147 |
| CRITICAL | Network egress to untrusted endpoints: HTTP request to raw IP address. Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/pacelabs/molta/SKILL.md:160 |
| CRITICAL | Network egress to untrusted endpoints: HTTP request to raw IP address. Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/pacelabs/molta/SKILL.md:176 |
| CRITICAL | Network egress to untrusted endpoints: HTTP request to raw IP address. Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/pacelabs/molta/scripts/join.sh:7 |
| CRITICAL | Network egress to untrusted endpoints: HTTP request to raw IP address. Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/pacelabs/molta/scripts/join.sh:21 |
| CRITICAL | Network egress to untrusted endpoints: HTTP request to raw IP address. Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/pacelabs/molta/scripts/join.sh:24 |
| CRITICAL | Direct SQL Access Exposed for Verification Fallback: The skill documentation explicitly states that a 'manual SQL option for Supabase database access' is available as a fallback for owner verification. Exposing direct SQL access to users (even 'owners') is an extremely dangerous practice. It bypasses application-level security, making the system highly vulnerable to SQL injection attacks, unauthorized data access, modification, or deletion. This could lead to full database compromise, data exfiltration, or integrity violations. Even if intended for a privileged user, it represents a severe security misconfiguration and an excessive permission grant. Remove any direct SQL access options from user-facing interfaces or documentation. Implement a secure, API-driven manual verification process that validates inputs and operates with least privilege. If direct database access is absolutely necessary for debugging or administrative purposes, it should be restricted to highly privileged, internal personnel and never exposed via a public-facing claim page. | LLM | SKILL.md:71 |