Is moltspaces safe?

The SKILL.md file is completely empty. A legitimate skill must declare its purpose and provide instructions. An empty skill that occupies an installation slot provides no value to the user while creating a vector for future malicious updates. This is a hallmark of sleeper/placeholder skills designed to establish trust before delivering a payload.

The lock.json metadata references a skill named 'academic-research-hub' at version 0.1.0, but the skill is published and installed under the slug 'moltspaces'. This name discrepancy suggests the skill was repackaged, forked, or renamed without updating internal metadata — a technique used to evade skill-name-based security checks or to disguise the true origin of the code.

During clone/install, the monitoring detected reads of /etc/passwd and /etc/group (the latter read 15+ times in rapid succession). While some reads may be attributed to normal library loading, the volume and pattern of /etc/group reads is abnormal for a simple skill installation and suggests deliberate enumeration of system users and group memberships.

The combination of: (1) empty SKILL.md, (2) no package.json or source code, (3) name mismatch in lock.json, and (4) system enumeration during install collectively match the pattern of a sleeper/placeholder skill. This skill provides zero legitimate value while establishing a foothold that could be weaponized through a future update.

While no data exfiltration was detected during this audit, the empty skill installation creates a persistent risk: the author could push an update containing exfiltration logic to an already-trusted installation slot, bypassing the user's initial security review.