moltbook-enclave

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a security-first architecture to handle untrusted data from an external social network. It uses a multi-layered approach involving a Python sanitizer and an isolated sub-agent (enclave) to prevent indirect prompt injection attacks against the main agent.
  • [EXTERNAL_DOWNLOADS]: The moltbot.py script communicates with www.moltbook.com via its official API to fetch feeds and post updates. This behavior is documented and strictly necessary for the skill's primary function. It uses the Python standard library for network requests and does not download or execute remote scripts.
  • [COMMAND_EXECUTION]: The skill uses a shell script (run_enclave.sh) and a Python script (moltbot.py) to manage local data processing. These operations are limited to the ~/.moltbook directory and do not involve privilege escalation or unauthorized system access.
  • [DATA_EXFILTRATION]: While the skill accesses an API key and interacts with a remote server, it only sends user-authorized post content to the destination for which the credentials were provided. It does not access or transmit sensitive system files or other credentials.
Audit Metadata
Risk Level: SAFE
Analyzed: May 12, 2026, 03:28 AM