Oathe Security Badge

Is fredxyt/moltstreet safe?

https://clawhub.ai/fredxyt/moltstreet

93
SAFE

MoltStreet is a legitimate financial data skill that provides ETF market signals via API calls to moltstreet.com. The skill contains only documentation and configuration files with no executable code or malicious behavior detected.

Category Scores

Prompt Injection 100/100 · 30%
Data Exfiltration 85/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 95/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 90/100 · 5%

Findings (3)

LOW External API Dependency -15

The skill makes HTTP requests to moltstreet.com API endpoints. While this appears legitimate for retrieving ETF market data, external API calls always present a theoretical risk for data exfiltration if the endpoint were compromised.

INFO Expected Network Activity -5

During installation and potential operation, the skill establishes connections to legitimate endpoints (clawhub.ai for download, moltstreet.com for API access). This is expected behavior but noted for completeness.

INFO Third-party Service Dependency -10

The skill relies on the moltstreet.com service for functionality. While currently legitimate, changes to the external service could affect security posture.