Polymarket Worldcup Group Repricer

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed automated prediction-market trading skill with financial risk, but its sensitive behavior is purpose-aligned, documented, and bounded by dry-run defaults and configurable caps.

Install only if you are comfortable with an automated market-trading tool. Leave it in dry-run first, review MAX_TRADE_USD and DAILY_BUDGET_USD, confirm the venue is sim unless you intend real trading, and understand that enabling live Polymarket execution can lose money.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 88% confidence
Finding: The skill declares no permissions, yet its content explicitly describes use of environment variables and file-writing state management (`SIMMER_API_KEY`, `state_dry.json`, lock-protected state files). This creates a permission mismatch: a user or platform may treat the skill as low-privilege while it actually requires access to sensitive runtime inputs and persistent local state, which can enable secret exposure, unauthorized state modification, or misleading trust assumptions during review and execution.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal