moltbook-posting

SUSPICIOUS: the stated purpose matches a Moltbook posting skill, but it grants an agent the ability to take public social actions and forwards credentials from env/config through unseen code. The main concerns are autonomous posting/voting, raw credential-file fallback, and unverifiable endpoint handling inside run.py rather than confirmed malware.