Env credential access
Critical
- Finding
- Environment variable access combined with network send.
Polymarket Trading Mcp
Security checks across static analysis, malware telemetry, and agentic risk
Overview
I could not inspect the workspace artifacts because every filesystem command failed, so there is no artifact-backed evidence of suspicious behavior in this review.
This review could not verify the skill contents directly. Treat the result as incomplete and review the actual SKILL.md, metadata, install files, and included code before installing.
Static analysis
Exposed secret literal
Critical
- Finding
- File appears to expose a hardcoded API secret or token.
VirusTotal
No VirusTotal findings for this skill version.
- Malicious
- 0
- Suspicious
- 0
- Harmless
- 0
- Undetected
- 64
Risk analysis
No visible risk-analysis findings were reported for this release.