ClawHub

Polymarket Tradingskill

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed read-only Polymarket analysis skill, with some routing and credential-scope cautions but no evidence of hidden execution, trading, exfiltration, or destructive behavior.

Install only if you trust the configured OPENCLAW_AGENT_API_BASE_URL, use a least-privilege read-only API key, and are comfortable with relevant market-analysis prompts being routed to this skill automatically. Treat its pricing and priority labels as decision support, not trading instructions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The skill uses very broad activation phrases like 'analyze' and equivalent generic wording, which can match ordinary user conversation and cause unintended invocation. In an agent system, accidental routing to a market-analysis skill can lead to inappropriate API calls, context switching, or disclosure of analysis that the user did not explicitly request, even if the backend is described as read-only.

Vague Triggers

Medium
Confidence
89% confidence
Finding
Treating '/analyze', 'analyze', and 'analyze this' as sufficient for deep-analysis mode is an ambiguous trigger design that increases the chance of false activation. Because this skill can query internal agent APIs and shift the system into a specialized workflow, an attacker or even normal conversation could intentionally or accidentally invoke behavior outside the user's actual intent.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The intent mapping includes broad phrases such as 'analyze this market' and 'deep dive this polymarket' without clear constraints tying them to a specific market reference. This makes the skill easier to invoke through vague language, increasing the risk of prompt-trigger collisions, unintended API usage, and workflow hijacking in multi-skill environments.

Vague Triggers

Medium
Confidence
94% confidence
Finding
Implicit invocation is enabled, but the file does not define narrow activation constraints, examples, or guardrails for when this skill should be selected. Because this skill covers financial decision-support and can analyze markets across domains, ambiguous auto-triggering can cause the agent to invoke it in broader contexts than intended, exposing users to unsolicited trading-oriented guidance or misrouted analysis.

VirusTotal

60/60 vendors flagged this skill as clean.

View on VirusTotal