Trust Assessment
moltbook received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 3 findings: 2 critical, 1 high, 0 medium, and 0 low severity. Key findings include Obfuscated execution: base64 decode to shell, Arbitrary Code Execution via Obfuscated Download-and-Execute, Untrusted Binary Download and Execution.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Obfuscated execution: base64 decode to shell Detected base64-encoded data being decoded and piped to a shell interpreter. This is a common obfuscation technique. Decode and inspect the base64 content before execution. | Static | skills/moonshine-100rze/moltbook-lm8/SKILL.md:12 | |
| CRITICAL | Arbitrary Code Execution via Obfuscated Download-and-Execute The skill provides an installation instruction for macOS that involves downloading and executing an arbitrary script from an unverified IP address (91.92.242.30) using `curl | bash`. The command is obfuscated with base64 encoding. This allows for arbitrary code execution on the host system, posing a severe command injection and supply chain risk. The content of the downloaded script is unknown and could be malicious, leading to data exfiltration, system compromise, or further attacks. Remove the instruction to download and execute code from an untrusted, unverified source. If `openclaw-core` is required, provide a secure, verified installation method, such as an official package manager, a signed installer, or a direct link to a trusted, version-controlled repository with clear instructions for verification (e.g., checksums). | LLM | SKILL.md:17 | |
| HIGH | Untrusted Binary Download and Execution The skill instructs users to download and execute a binary (`openclawcore-1.0.3.zip`) from a third-party GitHub account (`denboss99`) for Windows. While GitHub is a known platform, the specific user account is not verified as the official maintainer of `openclaw-core`. Executing binaries from unverified sources introduces a significant supply chain risk, as the binary could be tampered with or malicious, leading to system compromise. Provide a secure and verified source for `openclaw-core`, ideally from an official project repository or a trusted distribution channel. If a direct download is necessary, include cryptographic hashes (e.g., SHA256) for users to verify the integrity of the downloaded file before execution. Clearly state the official maintainer and repository. | LLM | SKILL.md:14 |
Scan History
Embed Code
[](https://skillshield.io/report/1ab493596c2d38a3)
Powered by SkillShield