Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Polyclawster
v2.0.1
Trade on Polymarket prediction markets. Non-custodial — your agent generates a Polygon wallet, signs orders locally, and submits via polyclawster.com relay (...
by Ilya @al1enjesus
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description (Polyclawster, non-custodial Polymarket trading) align with what the package ships: node scripts for setup, trade, swap, approvals, monitoring, and an npm install for ethers and clob-client. Required binary is node and network hosts are Polyclawster/Polymarket/Polygon RPC — all expected for this purpose.
Instruction Scope
SKILL.md and scripts instruct the agent to create a local wallet and store config at ~/.polyclawster/config.json (private key + CLOB creds), run npm install --production, call polyclawster.com and Polymarket/clob endpoints, and optionally run autonomous trading (auto.js). These actions are in-scope for a trading agent, but they do include writing a local file with secret material and making network calls to the relay and APIs — user should be aware of where secrets are stored and which hosts are contacted.
Install Mechanism
Install is an npm install --production of dependencies declared in package.json (ethers, @polymarket/clob-client, oauth-1.0a). This is a normal package registry install from npm (no arbitrary download URLs or extracts).
Credentials
The skill asks for no environment variables and only requires node. It does read/write ~/.polyclawster/config.json to store the private key and CLOB API credentials. That is proportional to the stated non-custodial design but represents sensitive local secret storage that the user must accept.
Persistence & Privilege
The skill writes a config file under the user's home (~/.polyclawster/config.json) and can run autonomous trading (auto.js) when invoked by the agent. always:false (default) and no system-wide modifications are requested. Persistence is limited to the skill's config file, which is expected but worth highlighting as it contains the private key and creds.
Assessment
This skill appears to do what it says, but before installing consider:
(1) It generates and stores a private key and CLOB credentials in ~/.polyclawster/config.json — ensure you trust the code and secure that file (restrict permissions).
(2) The skill will call polyclawster.com and Polymarket/Polygon RPC endpoints and will submit signed orders via the relay — verify you trust polyclawster.com as a relay.
(3) Approvals/allowances are large by default (approve.js sets a very large USDC spending cap) — review and, if desired, reduce the allowance or revoke it after trades.
(4) Start in demo mode and fund with a small amount first; review setup.js and the functions that implement httpGet/postJSON/loadConfig to confirm config handling; if you need higher assurance, inspect setup.js (not shown in full) to ensure it does not transmit private keys.
(5) npm install pulls standard libraries (ethers, clob client); only install if you trust the upstream code/repository provenance.
Like a lobster shell, security has layers — review code before you run it.
Runtime requirements
Bins: node
