Skill v1.0.0

ClawScan security

PolyGuard Martin Pro · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 5, 2026, 10:49 PM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, instructions, and requirements are coherent with a local Polymarket trading bot—no unexpected network endpoints, credentials, or installs are requested.
Guidance
This skill appears to do what it claims: poll Polymarket and place orders. Before installing, review and do the following: (1) Confirm Polymarket's API credential model — this script expects a single api_key used for HMAC signing; if Polymarket requires a separate secret you may need to adapt the code. (2) Keep config.yaml secure (it contains your API key in plaintext) and avoid storing real funds/keys until you've tested in a sandbox. (3) Inspect network traffic during a test run to confirm requests go only to https://api.polymarket.com. (4) Note logs include API responses (which may contain trade/order data); avoid sharing logs. (5) There's a minor manifest/version mismatch between registry metadata and manifest.json—this is likely benign but verify you have the intended release. If you do not want the agent to run autonomously, disable model invocation or only run the script manually.
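Items (2), (3) and (4) of the guidance above are checks a reviewer can script before the first live run. The block below is an added example written for this page, not code from the skill or from ClawHub: it scans a Python source for URL literals that are not HTTPS to api.polymarket.com, offers a runtime guard for the same allowlist, redacts order and credential fields from API responses before they reach a log, and checks that config.yaml is not group- or world-readable. SAMPLE_MAIN_PY is a constructed stand-in for the skill's main.py, and the SENSITIVE_KEYS names are assumptions about field names, not Polymarket's documented response schema.

```python
import os
import re
import stat
from urllib.parse import urlparse

# Constructed sample standing in for the skill's main.py (hypothetical content,
# chosen to exercise the checks; it is not the real script).
SAMPLE_MAIN_PY = '''
POLYMARKET_BASE_URL = "https://api.polymarket.com"
book = requests.get(f"{POLYMARKET_BASE_URL}/orderbook")
requests.post("https://api.polymarket.com/orders", json=order)
requests.post("http://api.polymarket.com/orders", json=order)
requests.post("https://api.polymarket.com.evil.example/orders", json=order)
webhook = "https://hooks.example.net/notify"
'''

# The only host the scanner expects the skill to contact.
ALLOWED_HOSTS = {"api.polymarket.com"}

# URL literal: scheme, then everything up to whitespace, a quote, or a closing bracket.
URL_RE = re.compile(r"""https?://[^\s'"<>)]+""")


def url_allowed(url, allowed_hosts=ALLOWED_HOSTS):
    """True only for https URLs whose exact hostname is on the allowlist.

    Exact match matters: api.polymarket.com.evil.example contains the
    expected name as a prefix but is a different host.
    """
    parsed = urlparse(url)
    return parsed.scheme == "https" and parsed.hostname in allowed_hosts


def disallowed_urls(source, allowed_hosts=ALLOWED_HOSTS):
    """Static check: URL literals in source that fail url_allowed, sorted."""
    found = set(URL_RE.findall(source))
    return sorted(u for u in found if not url_allowed(u, allowed_hosts))


def require_allowed(url, allowed_hosts=ALLOWED_HOSTS):
    """Runtime guard to call before every request; raises instead of sending."""
    if not url_allowed(url, allowed_hosts):
        raise ValueError(f"egress blocked: {url}")
    return url


# Assumed field names; adjust to whatever the real responses contain.
SENSITIVE_KEYS = {"api_key", "apiKey", "authorization", "signature", "order_id", "orderId"}


def redact(obj):
    """Recursively mask values under sensitive keys so a logged response
    does not reproduce credentials or order identifiers."""
    if isinstance(obj, dict):
        return {k: ("[REDACTED]" if k in SENSITIVE_KEYS else redact(v)) for k, v in obj.items()}
    if isinstance(obj, list):
        return [redact(v) for v in obj]
    return obj


def mode_is_private(mode):
    """True if a file mode grants no group or other permission bits (0600 or tighter)."""
    return (mode & (stat.S_IRWXG | stat.S_IRWXO)) == 0


def config_is_private(path):
    """True if the plaintext config (which holds api_key) is readable only by its owner."""
    return mode_is_private(os.stat(path).st_mode)


if __name__ == "__main__":
    print("disallowed URL literals:", disallowed_urls(SAMPLE_MAIN_PY))
    print(redact({"api_key": "k", "orders": [{"order_id": "1", "size": 5}]}))
```

Run the static scan against the skill's actual main.py before installing, and keep require_allowed in front of every outbound call during the sandbox run; anything it raises on is exactly the traffic item (3) asks you to look for.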

Review Dimensions

Purpose & Capability
ok: Name/description (auto-trading on Polymarket) match the code and config: the skill polls the Polymarket orderbook and posts orders to Polymarket. It does not request unrelated credentials, binaries, or external services.
Instruction Scope
ok: SKILL.md tells the user to edit config.yaml and run the skill; the runtime instructions and main.py only read config.yaml and interact with the POLYMARKET_BASE_URL endpoints. The instructions do not direct reading unrelated files or sending data to other endpoints.
Install Mechanism
ok: No install spec; this is an instruction-only skill with an included Python script. It does not download code from external URLs or install packages at install time. The runtime requires the requests and PyYAML packages, but no installer is specified.
Credentials
note: No environment variables or external credentials are required; the skill uses a plaintext config.yaml for api_key and other options. This is proportionate for a local trading bot, but storing API keys in a local file is sensitive and should be protected. The code uses the single api_key both as a Bearer token and as the HMAC signing key, which may or may not match Polymarket's credential model; verify whether Polymarket requires a separate API secret. Note that when the same value is sent as the Bearer header and used as the HMAC key, anyone who sees one request's headers (for example in a shared log) can sign new requests, so the signature adds nothing beyond what the transport already protects.
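To make the credential point concrete, here is an added example, not the skill's code and not Polymarket's documented scheme: a hypothetical HMAC-SHA256 request-signing scheme over timestamp, method, path and body, with a matching server-side verifier, and a forger who knows only the headers of one earlier request. With a distinct secret the forgery fails; with api_key doubling as the HMAC key, as the scanner observed in the skill, it succeeds. All header names and the canonical string format are assumptions chosen for the demonstration.

```python
import hashlib
import hmac


def sign_request(secret, method, path, body, timestamp):
    """HMAC-SHA256 over a canonical string (hypothetical format, an assumption)."""
    canonical = f"{timestamp}\n{method.upper()}\n{path}\n{body}"
    return hmac.new(secret.encode(), canonical.encode(), hashlib.sha256).hexdigest()


def build_headers(api_key, secret, method, path, body, timestamp):
    """Client side: bearer token identifies the key, signature proves the secret."""
    return {
        "Authorization": f"Bearer {api_key}",
        "X-Timestamp": str(timestamp),
        "X-Signature": sign_request(secret, method, path, body, str(timestamp)),
    }


def verify_headers(headers, api_key, secret, method, path, body, now, max_skew=60):
    """Server side: fresh timestamp, matching bearer, matching signature.
    Constant-time comparisons avoid leaking how many bytes matched."""
    try:
        ts = int(headers["X-Timestamp"])
    except (KeyError, ValueError):
        return False
    if abs(now - ts) > max_skew:
        return False
    if not hmac.compare_digest(headers.get("Authorization", ""), f"Bearer {api_key}"):
        return False
    expected = sign_request(secret, method, path, body, str(ts))
    return hmac.compare_digest(headers.get("X-Signature", ""), expected)


def forge_with_bearer_only(observed_headers, method, path, body, timestamp):
    """Attacker who captured one request's headers (e.g. from a shared log)
    tries to sign a different request using the bearer token as the HMAC key."""
    auth = observed_headers["Authorization"]
    token = auth[len("Bearer "):]
    return {
        "Authorization": auth,
        "X-Timestamp": str(timestamp),
        "X-Signature": sign_request(token, method, path, body, str(timestamp)),
    }


ORDER_BODY = '{"side":"BUY","size":100}'  # constructed sample order payload


def bearer_leak_allows_forgery(api_key, secret, now=1_700_000_000):
    """True if a leaked Authorization header lets the forger place a new order."""
    legit = build_headers(api_key, secret, "GET", "/orderbook", "", now)
    forged = forge_with_bearer_only(legit, "POST", "/orders", ORDER_BODY, now + 1)
    return verify_headers(forged, api_key, secret, "POST", "/orders", ORDER_BODY, now + 1)


if __name__ == "__main__":
    print("same value for key and secret, forgery succeeds:", bearer_leak_allows_forgery("k1", "k1"))
    print("separate secret, forgery succeeds:", bearer_leak_allows_forgery("k1", "s1"))
```

The practical consequence for this skill is the one the scanner gives: if Polymarket issues a separate secret, keep it out of the Authorization header and out of logs, and treat config.yaml as holding both.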
Persistence & Privilege
ok: The skill does not request always: true and does not attempt to modify other skills or system-wide settings. It runs a local loop and has normal agent invocation privileges.