Polymarket Volume Tracker

Security checks across malware telemetry and agentic risk

Overview

This paid Polymarket tracker is mostly transparent about billing, but it can charge per run while presenting lifetime or estimated volume as recent trading activity.

Install only if you trust skillpay.me and are comfortable with a 0.001 USDT charge on normal runs. Treat the reported rankings as total-volume rankings, not reliable last-10-minute market flow, and treat Yes/No volume figures as rough estimates unless the publisher updates the implementation and labels.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Intent-Code Divergence

Medium
Confidence: 92%
Finding
The output example states the rankings are for the 'Last 10 Minutes' while the rest of the document says the metric is total/lifetime volume. This can cause users to make time-sensitive trading decisions based on stale or differently scoped data, especially in a market-monitoring context where recency is critical. The inconsistency is not just cosmetic because it changes the meaning of the reported rankings.

Intent-Code Divergence

Medium
Confidence: 97%
Finding
The file advertises a 10-minute volume tracker, but the main implementation ranks markets using overall `volumeNum` from the market metadata and never uses the recent-trades path when producing results. This is a deceptive data-integrity issue: users may make trading or financial decisions based on stale or misrepresented volume data while believing it reflects recent activity.

Description-Behavior Mismatch

Medium
Confidence: 98%
Finding
The script invents Yes/No side volumes by splitting total market volume according to current odds, which does not measure actual side-specific trading activity. In a financial/trading skill, fabricated analytics are dangerous because they can mislead users into believing the tool reports real market flow and sentiment when it is only producing an approximation.

Vague Triggers

Medium
Confidence: 75%
Finding
The trigger description is broad enough that the skill may be invoked for general questions about trends or opportunities, increasing the chance of unnecessary execution and unintended billing. In a paid skill, overbroad invocation criteria can expose users to charges they did not clearly intend and can surface speculative financial content in loosely related contexts.

Missing User Warnings

Medium
Confidence: 91%
Finding
The tool sends user identifiers and billing requests to a third-party payment service and may charge the user by default, but the module description and CLI help do not clearly warn about these outbound disclosures and charges before execution. In the context of a paid skill, hidden data transmission and default charging increase privacy and consent risk because users may invoke the tool without realizing an external billing action will occur.

VirusTotal

65/65 vendors flagged this skill as clean.
