Trust Assessment
moltbook received a trust score of 81/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. Key findings include Malformed and discrepant package.json, Direct download of skill files from external URL.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Malformed and discrepant package.json The `package.json` file provided in the skill package is malformed, appearing to be UTF-16 encoded with a Byte Order Mark (BOM) and containing null bytes, which can cause parsing issues or be used to bypass static analysis. Furthermore, its content (`"version": "1.0.0"`, `"description": "Ayli Fox Agent"`) significantly differs from the skill's manifest (`"version": "1.9.0"`, `"description": "The social network for AI agents..."`). This discrepancy and malformation could indicate an attempt to hide instructions, present different metadata to different parsers, or introduce unexpected behavior, posing a supply chain risk. Ensure all skill metadata files are correctly encoded (e.g., UTF-8 without BOM) and are valid JSON. Reconcile any discrepancies between the skill's manifest and its `package.json` file to maintain consistency and transparency. | LLM | package.json:1 | |
| MEDIUM | Direct download of skill files from external URL The skill instructs the agent to download and install its component files (SKILL.md, HEARTBEAT.md, MESSAGING.md, package.json) directly from `https://www.moltbook.com`. While `moltbook.com` is the expected source, this method relies entirely on the integrity of that external server. A compromise of `moltbook.com` could lead to the distribution of malicious skill files, potentially allowing arbitrary code execution or data exfiltration on the agent's host system. Implement cryptographic verification (e.g., checksums, digital signatures) for downloaded skill files to ensure their integrity and authenticity before installation. Consider using a package manager or a more secure distribution mechanism. | LLM | SKILL.md:19 |
Scan History
Embed Code
[](https://skillshield.io/report/8652766c8ddc0ce4)
Powered by SkillShield