{ "schemaVersion": "1.0", "item": { "slug": "moltcops", "name": "Moltcops", "source": "tencent", "type": "skill", "category": "安全合规", "sourceUrl": "https://clawhub.ai/Adamthompson33/moltcops", "canonicalUrl": "https://clawhub.ai/Adamthompson33/moltcops", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/moltcops", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=moltcops", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "rules.json", "scripts/scan.py", "SKILL.md", "_meta.json" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-23T16:43:11.935Z", "expiresAt": "2026-04-30T16:43:11.935Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/moltcops" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/moltcops", "agentPageUrl": "https://openagent3.xyz/skills/moltcops/agent", "manifestUrl": "https://openagent3.xyz/skills/moltcops/agent.json", "briefUrl": "https://openagent3.xyz/skills/moltcops/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "MoltCops — Skill Security Scanner", "body": "Scan any skill for security threats before you install it. Detects prompt injection, data exfiltration, sleeper triggers, drain patterns, and 16 more threat categories.\n\nLocal-first. Your code never leaves your machine. No API calls. No uploads. No accounts." }, { "title": "When to Use", "body": "Before installing any skill from ClawHub, GitHub, or other sources\nBefore running skills shared by other agents\nWhen evaluating unknown code from any source\nAfter ClawHavoc: 341 malicious skills were found on ClawHub this week. Scan first." }, { "title": "How to Run", "body": "python3 scripts/scan.py \n\nExample:\n\n# Scan a skill before installing\npython3 scripts/scan.py ~/.openclaw/skills/suspicious-skill\n\n# Scan a freshly downloaded skill\npython3 scripts/scan.py ./my-new-skill\n\nNo dependencies required — uses only Python 3 standard library." }, { "title": "Reading Results", "body": "The scanner returns three verdicts:\n\nVerdictExit CodeMeaningPASS0No critical or high-risk threats detected. Safe to install.WARN1High-risk patterns found. Review findings before installing.BLOCK2Critical threats detected. Do NOT install this skill." }, { "title": "What It Detects", "body": "20 detection rules across these threat categories:\n\nCategoryRulesExamplesPrompt InjectionMC-001, MC-002, MC-003System prompt override, jailbreak payloads, tool-use steeringCode InjectionMC-004, MC-005, MC-006, MC-019Shell injection, eval/exec, base64-to-exec, child_processData ExfiltrationMC-007, MC-008, MC-009, MC-010, MC-020Webhook URLs, env var harvesting, SSH key access, credential filesHardcoded SecretsMC-011, MC-012API keys in source, private key materialFinancialMC-013Drain patterns, unlimited withdrawalsLateral MovementMC-014Git credential access, repo manipulationPersistenceMC-015, MC-016SOUL.md writes, cron job creationAutonomy AbuseMC-017Destructive force flags (rm -rf, git push --force)InfrastructureMC-018Permission escalation (sudo, chmod 777)" }, { "title": "False Positive Handling", "body": "The scanner includes context-aware filtering to reduce false positives:\n\nEnv var access (MC-008): Only flags when variable names contain KEY, SECRET, PASSWORD, TOKEN, or CREDENTIAL\nGit operations (MC-014): Skips standard remotes (github.com, gitlab.com, bitbucket.org)\nForce flags (MC-017): Only flags on destructive operations, not install scripts" }, { "title": "Example Output", "body": "MoltCops Security Scanner\n========================================\nScanning: ./suspicious-skill\nFiles: 5\nRules: 20\n\nFINDINGS\n----------------------------------------\n[CRITICAL] MC-007: Exfiltration URL (main.py:14)\n[CRITICAL] MC-004: Shell Injection (helper.sh:8)\n[HIGH] MC-005: Dynamic Code Execution (main.py:22)\n\nSUMMARY\n========================================\nFiles scanned: 5\nTotal findings: 3\n Critical: 2\n High: 1\n Medium: 0\n\nVERDICT: BLOCK\nCritical threats detected. Do NOT install this skill." }, { "title": "Web Scanner", "body": "For a browser-based version with the same engine, visit: https://scan.moltcops.com" }, { "title": "About MoltCops", "body": "MoltCops protects the AI agent ecosystem from malicious skills. While VirusTotal catches known malware signatures, MoltCops catches behavioral patterns — drain logic, sleeper triggers, prompt injection, and data exfiltration that signature-based scanning misses.\n\nWeb: https://moltcops.com\nMoltbook: https://moltbook.com/u/MoltCops" } ], "body": "MoltCops — Skill Security Scanner\n\nScan any skill for security threats before you install it. Detects prompt injection, data exfiltration, sleeper triggers, drain patterns, and 16 more threat categories.\n\nLocal-first. Your code never leaves your machine. No API calls. No uploads. No accounts.\n\nWhen to Use\nBefore installing any skill from ClawHub, GitHub, or other sources\nBefore running skills shared by other agents\nWhen evaluating unknown code from any source\nAfter ClawHavoc: 341 malicious skills were found on ClawHub this week. Scan first.\nHow to Run\npython3 scripts/scan.py \n\n\nExample:\n\n# Scan a skill before installing\npython3 scripts/scan.py ~/.openclaw/skills/suspicious-skill\n\n# Scan a freshly downloaded skill\npython3 scripts/scan.py ./my-new-skill\n\n\nNo dependencies required — uses only Python 3 standard library.\n\nReading Results\n\nThe scanner returns three verdicts:\n\nVerdict\tExit Code\tMeaning\nPASS\t0\tNo critical or high-risk threats detected. Safe to install.\nWARN\t1\tHigh-risk patterns found. Review findings before installing.\nBLOCK\t2\tCritical threats detected. Do NOT install this skill.\nWhat It Detects\n\n20 detection rules across these threat categories:\n\nCategory\tRules\tExamples\nPrompt Injection\tMC-001, MC-002, MC-003\tSystem prompt override, jailbreak payloads, tool-use steering\nCode Injection\tMC-004, MC-005, MC-006, MC-019\tShell injection, eval/exec, base64-to-exec, child_process\nData Exfiltration\tMC-007, MC-008, MC-009, MC-010, MC-020\tWebhook URLs, env var harvesting, SSH key access, credential files\nHardcoded Secrets\tMC-011, MC-012\tAPI keys in source, private key material\nFinancial\tMC-013\tDrain patterns, unlimited withdrawals\nLateral Movement\tMC-014\tGit credential access, repo manipulation\nPersistence\tMC-015, MC-016\tSOUL.md writes, cron job creation\nAutonomy Abuse\tMC-017\tDestructive force flags (rm -rf, git push --force)\nInfrastructure\tMC-018\tPermission escalation (sudo, chmod 777)\nFalse Positive Handling\n\nThe scanner includes context-aware filtering to reduce false positives:\n\nEnv var access (MC-008): Only flags when variable names contain KEY, SECRET, PASSWORD, TOKEN, or CREDENTIAL\nGit operations (MC-014): Skips standard remotes (github.com, gitlab.com, bitbucket.org)\nForce flags (MC-017): Only flags on destructive operations, not install scripts\nExample Output\nMoltCops Security Scanner\n========================================\nScanning: ./suspicious-skill\nFiles: 5\nRules: 20\n\nFINDINGS\n----------------------------------------\n[CRITICAL] MC-007: Exfiltration URL (main.py:14)\n[CRITICAL] MC-004: Shell Injection (helper.sh:8)\n[HIGH] MC-005: Dynamic Code Execution (main.py:22)\n\nSUMMARY\n========================================\nFiles scanned: 5\nTotal findings: 3\n Critical: 2\n High: 1\n Medium: 0\n\nVERDICT: BLOCK\nCritical threats detected. Do NOT install this skill.\n\nWeb Scanner\n\nFor a browser-based version with the same engine, visit: https://scan.moltcops.com\n\nAbout MoltCops\n\nMoltCops protects the AI agent ecosystem from malicious skills. While VirusTotal catches known malware signatures, MoltCops catches behavioral patterns — drain logic, sleeper triggers, prompt injection, and data exfiltration that signature-based scanning misses.\n\nWeb: https://moltcops.com\nMoltbook: https://moltbook.com/u/MoltCops" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/Adamthompson33/moltcops", "publisherUrl": "https://clawhub.ai/Adamthompson33/moltcops", "owner": "Adamthompson33", "version": "1.1.0", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/moltcops", "downloadUrl": "https://openagent3.xyz/downloads/moltcops", "agentUrl": "https://openagent3.xyz/skills/moltcops/agent", "manifestUrl": "https://openagent3.xyz/skills/moltcops/agent.json", "briefUrl": "https://openagent3.xyz/skills/moltcops/agent.md" } }