
Security audit

Polymarket Fee Aware Divergence

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed trading bot, but it can run automatically every 30 minutes and place recurring trades using sensitive trading credentials, so users should review it carefully before installing.

Install only if you intentionally want autonomous prediction-market trading. Keep TRADING_VENUE=sim until the strategy has been tested, use a dedicated low-balance account or an API key scoped to the minimum permissions the skill needs, avoid supplying a wallet private key unless the venue genuinely requires self-custody signing, and either disable the cron schedule or enforce hard per-order, total-exposure and daily-loss limits before pointing it at any live venue.
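One way to enforce the "hard exposure and loss limits" recommended above is a fail-closed pre-trade guard that every cron run must pass before an order is submitted. The following is an added example written for this audit page, not code from the Polymarket Fee Aware Divergence skill or its author. It assumes the skill reads TRADING_VENUE (the page mentions TRADING_VENUE=sim) and an optional WALLET_PRIVATE_KEY; the MAX_* limit variables, TRADING_HALT, ALLOW_SELF_CUSTODY, the trading-window variables, the venue value "polymarket" and the state dictionary layout are all assumptions introduced for the example.

```python
"""Pre-trade guard for a cron-driven trading skill (added example, not the skill's code).

Assumed environment: TRADING_VENUE, optional WALLET_PRIVATE_KEY, plus the
MAX_*, TRADE_HOUR_*, TRADING_HALT and ALLOW_SELF_CUSTODY variables defined here.
"""
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


@dataclass(frozen=True)
class Limits:
    max_order_usd: float          # largest single order one cron run may place
    max_open_exposure_usd: float  # cap on total notional at risk across positions
    max_daily_loss_usd: float     # realized loss after which the bot halts for the day
    hour_start_utc: int           # trading window; a run outside it is a no-op
    hour_end_utc: int


def limits_from_env(env: Dict[str, str]) -> Optional[Limits]:
    """Parse hard limits; None if any required limit is missing or malformed."""
    try:
        return Limits(
            max_order_usd=float(env["MAX_ORDER_USD"]),
            max_open_exposure_usd=float(env["MAX_OPEN_EXPOSURE_USD"]),
            max_daily_loss_usd=float(env["MAX_DAILY_LOSS_USD"]),
            hour_start_utc=int(env.get("TRADE_HOUR_START_UTC", "0")),
            hour_end_utc=int(env.get("TRADE_HOUR_END_UTC", "24")),
        )
    except (KeyError, ValueError):
        return None


def check_order(env: Dict[str, str], state: Dict[str, float],
                order_usd: float, hour_utc: int) -> Tuple[str, str]:
    """Decide whether one order may be placed.

    Returns ("sim", reason), ("live", reason) or ("blocked", reason).
    `state` carries 'open_exposure_usd' and 'realized_pnl_today_usd', which the
    caller tracks across runs. Every branch fails closed: anything missing or
    unexpected blocks the order instead of letting it through.
    """
    if env.get("TRADING_HALT") == "1":
        return "blocked", "TRADING_HALT set: operator kill switch"
    if env.get("TRADING_VENUE", "sim") == "sim":
        return "sim", "paper trading, no funds at risk"

    limits = limits_from_env(env)
    if limits is None:
        return "blocked", ("live venue requires MAX_ORDER_USD, "
                           "MAX_OPEN_EXPOSURE_USD and MAX_DAILY_LOSS_USD")
    # A private key turns a bad trade into an unrecoverable self-custody loss,
    # so its use must be opted into explicitly rather than inferred from presence.
    if env.get("WALLET_PRIVATE_KEY") and env.get("ALLOW_SELF_CUSTODY") != "yes":
        return "blocked", "wallet private key present but ALLOW_SELF_CUSTODY is not 'yes'"
    if not (limits.hour_start_utc <= hour_utc < limits.hour_end_utc):
        return "blocked", f"hour {hour_utc} UTC is outside the trading window"

    try:
        exposure = float(state["open_exposure_usd"])
        pnl_today = float(state["realized_pnl_today_usd"])
    except (KeyError, TypeError, ValueError):
        return "blocked", "exposure/PnL state unavailable; refusing to trade blind"

    if order_usd <= 0 or order_usd > limits.max_order_usd:
        return "blocked", f"order {order_usd:.2f} USD violates MAX_ORDER_USD {limits.max_order_usd:.2f}"
    projected = exposure + order_usd
    if projected > limits.max_open_exposure_usd:
        return "blocked", f"exposure would reach {projected:.2f} USD, above MAX_OPEN_EXPOSURE_USD"
    if -pnl_today >= limits.max_daily_loss_usd:
        return "blocked", "daily loss limit reached, halting until the next day"
    return "live", "within limits"


if __name__ == "__main__":
    # Constructed sample configuration and state, not taken from a real deployment.
    live_env = {
        "TRADING_VENUE": "polymarket", "MAX_ORDER_USD": "25",
        "MAX_OPEN_EXPOSURE_USD": "100", "MAX_DAILY_LOSS_USD": "40",
        "TRADE_HOUR_START_UTC": "8", "TRADE_HOUR_END_UTC": "20",
    }
    sample_state = {"open_exposure_usd": 50.0, "realized_pnl_today_usd": -10.0}
    for size, hour in ((20, 12), (30, 12), (20, 3)):
        print(size, hour, check_order(live_env, sample_state, size, hour))
```

The guard deliberately keys everything off explicit environment values: an unset limit, a missing state file or an unexpected venue name all block rather than trade, so a misconfigured 30-minute cron run does nothing instead of placing orders with no ceiling.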

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Severity: Medium
Confidence: 73%
Finding
The manifest schedules automated execution every 30 minutes for a trading skill, but the file does not clearly communicate user-visible guardrails, trigger boundaries, or exclusion conditions around when live trading will occur. In a financial automation context, ambiguous autonomous behavior increases the chance of unintended trades, especially when combined with venue configurability and optional wallet-based execution.

Missing User Warnings

Severity: High
Confidence: 91%
Finding
The manifest combines automated cron-based trading with access to sensitive secrets, including an API key and an optional wallet private key, yet it lacks a prominent warning about financial loss, self-custody risk, and the consequences of unattended execution. In this context, insufficient risk disclosure is dangerous because users may supply high-impact credentials without understanding that the skill can place recurring live trades on their behalf.

VirusTotal

0/66 vendors flagged this skill as malicious (66/66 clean). Antivirus scanning only matches known malware signatures and heuristics in the skill's files; it does not evaluate the agentic risks above (unattended cron execution, credential access, live trading), so the SkillSpector findings stand regardless of this result.
