Oathe Security Badge

Is JarvisAI-CN/moltbook-auto-publisher safe?

https://github.com/JarvisAI-CN/moltbook-auto-publisher

94
SAFE

This appears to be a legitimate automation tool for publishing posts to the Moltbook platform with proper API integration, rate limiting, and queue management. The code shows no signs of malicious behavior, prompt injection, or unauthorized data access.

Category Scores

Prompt Injection 100/100 · 30%
Data Exfiltration 90/100 · 25%
Code Execution 85/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 85/100 · 5%

Findings (3)

MEDIUM External API Communication -10

The skill makes HTTP POST requests to the external Moltbook API (https://www.moltbook.com/api/v1) to publish posts. While this is the expected functionality, it represents a data transmission pathway that could be misused.

LOW Executable Python Code -15

The skill contains Python code that executes when imported or run directly. This is expected functionality for a publishing automation tool, but it represents an inherent execution risk.

LOW Credential-Dependent Functionality -15

The tool requires Moltbook API credentials to function and could be misused for spam posting or unauthorized content publication if credentials are compromised through other means.