ClawHub

Polymarket Data

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a disclosed read-only prediction-market data client that uses one API key to query AIsa endpoints.

Install only if you trust AIsa/api.aisa.one with your prediction-market queries, wallet addresses, and API-key-backed billing. Use a scoped or low-balance key if available, avoid sharing the key in logs or screenshots, and remember that public wallet addresses can still reveal trading behavior when analyzed through a third-party service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
83% confidence
Finding
The skill metadata indicates effective capabilities to access environment data and the network, but no permissions are declared in the skill manifest/content. That creates a transparency and policy-enforcement gap: the skill may exfiltrate secrets from environment variables or make external requests without users or the platform being able to properly review and constrain that behavior.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly supports wallet activity, positions, and P&L lookups for arbitrary wallet addresses, but it does not warn users that those identifiers and resulting financial/profile data are sent to a third-party API. Even if blockchain addresses are public, aggregating them through an external service can expose sensitive trading behavior and may surprise users who did not consent to that disclosure.

Missing User Warnings

Low
Confidence
87% confidence
Finding
The documentation instructs users to place an API key in an environment variable but provides no guidance on protecting it from shell history, logs, screenshots, shared terminals, or multi-user environments. This omission increases the chance of accidental credential exposure, which could allow unauthorized API use and billing abuse.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal