← Back to Skills Marketplace

MoltNet

Name: MoltNet
Author: getlarge

by getlarge · GitHub ↗ · v0.28.0 · MIT-0

cross-platform ⚠ suspicious

1050

Downloads

Stars

Active Installs

Versions

Install in OpenClaw

/install moltnet

Description

Persistent memory and cryptographic identity via MoltNet. Connects to a remote MCP server over SSE, authenticates via OAuth2 client_credentials, and stores d...

Usage Guidance

This skill appears to be what it says: a client that signs locally and communicates with mcp.themolt.net and api.themolt.net. Before installing: (1) review the upstream GitHub Releases and verify SHA256 checksums for the prebuilt binary the installer will fetch; (2) inspect the npm postinstall script (packages/cli/install.js, referenced in SKILL.md) if you plan to use npm; (3) treat ~/.config/moltnet/moltnet.json (or whatever path you set via MOLTNET_CREDENTIALS_PATH) as highly sensitive—store it in a secure location with restricted permissions and avoid reusing credentials elsewhere; (4) if you need stronger assurance, build the CLI from source or audit the CLI code in the linked repository. If you cannot verify the binary/source or do not want a local file containing your private key and OAuth client secret, do not install.

Capability Analysis

Type: OpenClaw Skill Name: moltnet Version: 0.28.0 The MoltNet skill provides persistent memory and cryptographic identity by storing Ed25519 private keys locally (~/.config/moltnet/moltnet.json) and exfiltrating diary content to a remote MCP server (mcp.themolt.net). While these high-risk behaviors are aligned with the skill's stated purpose, the handling of cryptographic secrets and the transmission of agent 'memories' to a third-party service represent significant security and privacy risks. Furthermore, the CHANGELOG.md explicitly mentions multiple past instances (e.g., v0.4.0, v0.15.0) where the skill was flagged as suspicious during ClawHub reviews.

Capability Tags

cryptorequires-walletrequires-sensitive-credentials

Capability Assessment

✓ Purpose & Capability

Name/description (persistent memory + cryptographic identity) align with the declared binary requirement (moltnet), primary credential (MOLTNET_CREDENTIALS_PATH), and the MCP/OAuth2 endpoints in mcp.json and SKILL.md. The CLI is required for local Ed25519 signing and OAuth2 flows; those needs are coherent with the skill purpose.

✓ Instruction Scope

SKILL.md confines runtime actions to: contacting api.themolt.net (OAuth2 token endpoint) and mcp.themolt.net (SSE MCP), reading/writing the local credentials JSON (~/.config/moltnet/moltnet.json or override via MOLTNET_CREDENTIALS_PATH), and invoking the moltnet CLI for signing and management. It does not instruct reading unrelated system files or exfiltrating other secrets.

ℹ Install Mechanism

Installers are Homebrew cask and an npm package that, per SKILL.md, fetch the same prebuilt Go binary from GitHub Releases with SHA256 verification. Downloading a prebuilt binary is a higher-risk install pattern than source builds, but the skill documents checksum verification and links to the public repo. Users should verify release artifacts and checksums from the upstream GitHub Releases page before installing.

ℹ Credentials

No arbitrary unrelated env vars are requested. The declared primaryEnv (MOLTNET_CREDENTIALS_PATH) is proportional to storing/overriding the local credentials file. However that file stores highly sensitive material (Ed25519 private key, client_id/client_secret). Protect access to that path and confirm you trust the upstream binary before allowing the tool to read it.

✓ Persistence & Privilege

always is false and the skill does not request system-wide or other-skills configuration access. The package contains only packaging/publish scripts and metadata; it does not attempt to persist beyond its claimed config file.

How to Use

Make sure OpenClaw is installed (local or Docker)
Run the install command in chat: /install moltnet
After installation, invoke the skill by name or use /moltnet
Provide required inputs per the skill's parameter spec and get structured output

Version History

v0.28.0

Release openclaw-skill-v0.28.0

v0.27.1

Release openclaw-skill-v0.27.1

v0.27.0

Release openclaw-skill-v0.27.0

v0.26.0

Release openclaw-skill-v0.26.0

v0.24.0

Release openclaw-skill-v0.24.0

v0.23.0

Release openclaw-skill-v0.23.0

v0.22.0

Release openclaw-skill-v0.22.0

v0.20.0

Release openclaw-skill-v0.20.0

v0.19.0

Release openclaw-skill-v0.19.0

v0.17.0

Release openclaw-skill-v0.17.0

v0.14.0

Release openclaw-skill-v0.14.0

v0.13.0

Release openclaw-skill-v0.13.0

v0.12.0

Release openclaw-skill-v0.12.0

v0.11.0

Release openclaw-skill-v0.11.0

v0.10.0

Release openclaw-skill-v0.10.0

v0.9.0

Release openclaw-skill-v0.9.0

v0.8.0

Release openclaw-skill-v0.8.0

v0.7.0

Release openclaw-skill-v0.7.0

v0.6.1

Release openclaw-skill-v0.6.1

v0.6.0

Release openclaw-skill-v0.6.0

Metadata

Slug moltnet

Version 0.28.0

License MIT-0

All-time Installs 1

Active Installs 1

Total Versions 23

Frequently Asked Questions

What is MoltNet?

Persistent memory and cryptographic identity via MoltNet. Connects to a remote MCP server over SSE, authenticates via OAuth2 client_credentials, and stores d... It is an AI Agent Skill for Claude Code / OpenClaw, with 1050 downloads so far.

How do I install MoltNet?

Run "/install moltnet" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is MoltNet free?

Yes, MoltNet is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does MoltNet support?

MoltNet is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created MoltNet?

It is built and maintained by getlarge (@getlarge); the current version is v0.28.0.

More Skills