ClawHub

Find and analyze arbitrage opportunities across prediction markets like Polymarket and Kalshi

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly a read-only prediction-market data tool, but its bundled client also enables wallet portfolio, activity, and P&L lookups that go beyond the advertised arbitrage workflow and send wallet identifiers to AIsa.

Review before installing if you may use the bundled Python client. Market price, matching, and orderbook lookups fit the advertised purpose, but wallet portfolio, activity, and P&L commands can profile any supplied Polymarket wallet through AIsa. Only pass wallet addresses you are comfortable exposing to that API provider, and monitor API usage because requests may consume paid credits.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

Medium
Confidence
88% confidence
Finding
The skill exposes wallet, activity, positions, wallet-metrics, and P&L lookups for arbitrary addresses, which exceeds a narrow arbitrage-analysis scope and enables broad third-party financial profiling. In an agent setting, this can facilitate unauthorized surveillance of users’ trading behavior and sensitive portfolio metadata through an external service.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
Wallet addresses and related query parameters are sent to a third-party API without any explicit notice, consent flow, or privacy boundary. Even if addresses are public on-chain, aggregating and transmitting them to an external analytics provider creates additional privacy risk and may surprise users of an arbitrage-focused skill.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal