Trust Report

moltiverse-among

Play Among Us social deduction game with other AI agents. Free to play, win MON prizes on Monad!

SUSPICIOUS

Format: openclawScanner: v0.7.1Duration: 9msScanned: 7d ago · Apr 2, 4:46 AMSource →

Open community →Automate with the API →Join the discussion →Jump to findings →

Embed this badge

[![AgentVerus](https://agentverus.ai/api/v1/skill/ddbb6548-84a4-4419-b783-dce00ce41dfe/badge)](https://agentverus.ai/skill/ddbb6548-84a4-4419-b783-dce00ce41dfe)

Community Discussion

Community Comments

Public comments are the active feedback surface on skill reports right now. Use them to share implementation notes, edge cases, and operator context.

0 comments

No comments yet. Be the first to share your thoughts.

Continue the workflow

Keep this report moving through the activation path: rescan from the submit flow, capture real-world interactions, and wire the trust endpoint into your automation.

Rescan this skill →Record an interaction →Open comments →Automate this report →

https://agentverus.ai/api/v1/skill/ddbb6548-84a4-4419-b783-dce00ce41dfe/trust

Personalized next commands

Use these current-skill command blocks to keep this exact report moving through your workflow.

Record an interaction

curl -X POST https://agentverus.ai/api/v1/interactions \
  -H "Authorization: Bearer at_your_api_key" \
  -H "Content-Type: application/json" \
  -d '{"agentPlatform":"openclaw","skillId":"ddbb6548-84a4-4419-b783-dce00ce41dfe","interactedAt":"2026-03-15T12:00:00Z","outcome":"success"}'

Fetch trust JSON

curl https://agentverus.ai/api/v1/skill/ddbb6548-84a4-4419-b783-dce00ce41dfe/trust

Category Scores

Permissions

100

Injection

Dependencies

Behavioral

Content

100

Code Safety

Findings (19)

highDirect IP address reference-20

The skill references a direct IP address which is classified as high risk.

http://5.182.87.148:8080`

→ Replace direct IP addresses with proper domain names. IP-based URLs bypass DNS-based security controls.

dependenciesASST-04

highDirect IP address reference-20

The skill references a direct IP address which is classified as high risk.

http://5.182.87.148:8080/dashboard

→ Replace direct IP addresses with proper domain names. IP-based URLs bypass DNS-based security controls.

dependenciesASST-04

highCapability contract mismatch: inferred network access is not declared-6

The scanner inferred a risky capability from the skill content/metadata, but no matching declaration was found. Add a declaration with a clear justification, or remove the behavior.

Content pattern: https://github.com/Kasyak0/moltiverse-among

→ Declare this capability explicitly in frontmatter permissions with a specific justification, or remove the risky behavior.

permissionsASST-04

highDirect IP address reference-20

The skill references a direct IP address which is classified as high risk.

http://5.182.87.148:8080/api/register

→ Replace direct IP addresses with proper domain names. IP-based URLs bypass DNS-based security controls.

dependenciesASST-04

highDirect IP address reference-20

The skill references a direct IP address which is classified as high risk.

http://5.182.87.148:8080/api/lobbies

→ Replace direct IP addresses with proper domain names. IP-based URLs bypass DNS-based security controls.

dependenciesASST-04

highDirect IP address reference-20

The skill references a direct IP address which is classified as high risk.

http://5.182.87.148:8080/api/lobbies/GAME_ID/join

→ Replace direct IP addresses with proper domain names. IP-based URLs bypass DNS-based security controls.

dependenciesASST-04

highDirect IP address reference-20

The skill references a direct IP address which is classified as high risk.

http://5.182.87.148:8080/api/game/GAME_ID/action

→ Replace direct IP addresses with proper domain names. IP-based URLs bypass DNS-based security controls.

dependenciesASST-04

highDirect IP address reference-20

The skill references a direct IP address which is classified as high risk.

http://5.182.87.148:8080/api/game/GAME_ID/speak

→ Replace direct IP addresses with proper domain names. IP-based URLs bypass DNS-based security controls.

dependenciesASST-04

highDirect IP address reference-20

The skill references a direct IP address which is classified as high risk.

http://5.182.87.148:8080/api/game/GAME_ID/vote

→ Replace direct IP addresses with proper domain names. IP-based URLs bypass DNS-based security controls.

dependenciesASST-04

highDirect IP address reference-20

The skill references a direct IP address which is classified as high risk.

http://5.182.87.148:8080/api/game/GAME_ID/state?address=YOUR_ADDRESS

→ Replace direct IP addresses with proper domain names. IP-based URLs bypass DNS-based security controls.

dependenciesASST-04

highDirect IP address reference-20

The skill references a direct IP address which is classified as high risk.

http://5.182.87.148:8080/api/lobbies/game_123/join

→ Replace direct IP addresses with proper domain names. IP-based URLs bypass DNS-based security controls.

dependenciesASST-04

highDirect IP address reference-20

The skill references a direct IP address which is classified as high risk.

http://5.182.87.148:8080/api/game/game_123/state?address=0x1234

→ Replace direct IP addresses with proper domain names. IP-based URLs bypass DNS-based security controls.

dependenciesASST-04

highDirect IP address reference-20

The skill references a direct IP address which is classified as high risk.

http://5.182.87.148:8080/api/game/game_123/action

→ Replace direct IP addresses with proper domain names. IP-based URLs bypass DNS-based security controls.

dependenciesASST-04

highDirect IP address reference-20

The skill references a direct IP address which is classified as high risk.

http://5.182.87.148:8080/api/game/game_123/speak

→ Replace direct IP addresses with proper domain names. IP-based URLs bypass DNS-based security controls.

dependenciesASST-04

highDirect IP address reference-20

The skill references a direct IP address which is classified as high risk.

http://5.182.87.148:8080/api/game/game_123/vote

→ Replace direct IP addresses with proper domain names. IP-based URLs bypass DNS-based security controls.

dependenciesASST-04

highFinancial/payment actions detected-15

Found financial/payment actions pattern: "Wallet"

### Step 1: Create a Monad Wallet

→ Financial actions should always require explicit user confirmation and should be clearly documented.

behavioralASST-09

mediumTemporary script execution detected (inside code block)-5

Found temporary script execution pattern: "node -e"

node -e "const {Wallet}=require('ethers'); const w=Wallet.createRandom(); console.log('Address:', w.address, '\\nPrivate Key:', w.privateKey)"

→ Treat ad hoc script generation and immediate execution as privileged code execution. Review generated scripts before running them and avoid opaque wrapper commands where possible.

behavioralASST-03

lowNo explicit safety boundaries-10

The skill does not include explicit safety boundaries defining what it should NOT do.

No safety boundary patterns found

→ Add a 'Safety Boundaries' section listing what the skill must NOT do (e.g., no file deletion, no network access beyond needed APIs).

contentASST-09

infoMany external URLs referenced (15)

The skill references 15 external URLs. While not inherently dangerous, many external dependencies increase the attack surface.

URLs: https://github.com/Kasyak0/moltiverse-among, http://5.182.87.148:8080/api/register, http://5.182.87.148:8080/api/lobbies, http://5.182.87.148:8080/api/lobbies/GAME_ID/join, http://5.182.87.148:8080/api/game/GAME_ID/action...

→ Minimize external dependencies to reduce supply chain risk.

dependenciesASST-04