Skill v2.0.1

ClawScan security

Polyclawster · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 13, 2026, 4:53 PM
Verdict
Benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, install step, and runtime instructions are consistent with a non-custodial Polymarket trading agent that generates a local Polygon wallet, signs orders locally, and submits them through a relay; the requested files, network hosts, and npm dependencies match the described purpose.
Guidance
This skill appears to do what it says, but before installing consider:
1. It generates a private key and CLOB credentials and stores them in ~/.polyclawster/config.json. Ensure you trust the code, and restrict that file's permissions so that only your user can read it.
2. It will contact polyclawster.com and Polymarket/Polygon RPC endpoints and submit signed orders via the relay. Verify that you trust polyclawster.com as a relay.
3. Approvals/allowances are large by default (approve.js sets a very large USDC spending cap). Review it and, if desired, reduce the allowance to what you intend to trade, or revoke it after trading.
4. Start in demo mode and fund with a small amount first. Review setup.js, including the httpGet/postJSON/loadConfig functions, to confirm how the config is handled; setup.js was not shown to the scanner in full, so inspect it yourself if you need assurance that it does not transmit the private key.
5. npm install pulls standard libraries (ethers, clob client). Only install if you trust the upstream code and the repository's provenance.

Review Dimensions

Purpose & Capability
ok · Name/description (Polyclawster, non-custodial Polymarket trading) align with what the package ships: Node scripts for setup, trade, swap, approvals, monitoring, and an npm install for ethers and clob-client. The required binary is node and the network hosts are Polyclawster/Polymarket/Polygon RPC, all expected for this purpose.
Instruction Scope
note · SKILL.md and the scripts instruct the agent to create a local wallet and store config at ~/.polyclawster/config.json (private key + CLOB creds), run npm install --production, call polyclawster.com and Polymarket/clob endpoints, and optionally run autonomous trading (auto.js). These actions are in scope for a trading agent, but they do include writing a local file with secret material and making network calls to the relay and APIs; the user should be aware of where secrets are stored and which hosts are contacted.
Install Mechanism
ok · Install is an npm install --production of dependencies declared in package.json (ethers, @polymarket/clob-client, oauth-1.0a). This is a normal package registry install from npm (no arbitrary download URLs or extracts).
Credentials
note · The skill asks for no environment variables and only requires node. It does read/write ~/.polyclawster/config.json to store the private key and CLOB API credentials. That is proportional to the stated non-custodial design but represents sensitive local secret storage that the user must accept.
Persistence & Privilege
note · The skill writes a config file under the user's home (~/.polyclawster/config.json) and can run autonomous trading (auto.js) when invoked by the agent. always:false (default) and no system-wide modifications are requested. Persistence is limited to the skill's config file, which is expected but worth highlighting because it contains the private key and creds.