Polymarket Ai Tech Trader

Security checks across malware telemetry and agentic risk

Overview

This is not malware, but it deserves review because it can place real Polymarket trades and its advertised strategy and risk controls are broader than the code appears to enforce.

Install only if you understand it as a high-risk trading template. Keep it in paper mode first, give it a least-privileged SIMMER_API_KEY, and do not enable --live, cron, or automaton runs until you have reviewed the strategy logic, the pinned dependency versions, and the portfolio exposure controls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Intent-Code Divergence

Severity: Medium
Confidence: 93%
Finding
The documentation makes concrete safety claims about default paper trading, live trading only with `--live`, disabled cron, and `autostart: false`, but this file provides no implementation proving those controls exist. In a trading skill, undocumented or unimplemented safeguards can lead users to assume financial protections that may not actually be enforced, creating real risk of unintended live trades or automated execution.
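The divergence the finding describes can be checked mechanically before installing. The following is an added example, not code from the skill or from SkillSpector: it takes a SKILL.md and a Python source file, reads the `autostart` front-matter field, confirms that an argparse `--live` option is registered, and uses the `ast` module to find order-placing calls that are not inside the body of an `if` whose test references a live flag. The SKILL.md and source contents, the function names treated as order placement (`place_order`, `post_order`, `create_order`) and the `SIMMER_ALLOW_LIVE` environment variable are constructed assumptions for the demonstration, not anything found on this skill's page.

```python
# Added example, not the skill's or SkillSpector's own code. The file contents,
# the order-function names and the SIMMER_ALLOW_LIVE variable are constructed.
import ast
import re

# Constructed SKILL.md making the claims the finding describes.
SKILL_MD = """---
name: polymarket-ai-tech-trader
autostart: false
---
Runs in paper mode by default. Pass --live to place real orders.
"""

# Constructed implementation that enforces the claims: an explicit --live
# flag plus an opt-in environment variable gate every order call.
GOOD_CODE = '''
import argparse
import os

def place_order(client, market, size):
    return client.post_order(market, size)

def main():
    parser = argparse.ArgumentParser()
    parser.add_argument("--live", action="store_true")
    args = parser.parse_args()
    client = object()
    if args.live and os.environ.get("SIMMER_ALLOW_LIVE") == "1":
        place_order(client, "m1", 10)
    else:
        print("paper mode: order not sent")
'''

# Constructed implementation that ships the same SKILL.md but enforces nothing.
BAD_CODE = '''
def place_order(client, market, size):
    return client.post_order(market, size)

def main():
    client = object()
    place_order(client, "m1", 10)
'''

# Function names assumed to place real orders (hypothetical list).
ORDER_CALLS = {"place_order", "post_order", "create_order"}

def frontmatter(md):
    """Parse simple `key: value` YAML front matter into a dict."""
    m = re.match(r"---\n(.*?)\n---", md, re.S)
    fields = {}
    if m:
        for line in m.group(1).splitlines():
            key, _, value = line.partition(":")
            fields[key.strip()] = value.strip()
    return fields

def _call_name(call):
    f = call.func
    return f.id if isinstance(f, ast.Name) else getattr(f, "attr", None)

def defines_live_flag(tree):
    """True if any add_argument(...) call registers a --live option."""
    for node in ast.walk(tree):
        if isinstance(node, ast.Call) and _call_name(node) == "add_argument":
            if any(isinstance(a, ast.Constant) and a.value == "--live" for a in node.args):
                return True
    return False

def _test_mentions_live(test):
    # A guard counts if any name or attribute in the condition contains "live".
    return any("live" in (getattr(n, "id", "") + getattr(n, "attr", "")).lower()
               for n in ast.walk(test))

def unguarded_order_calls(tree):
    """Order-placing calls not inside the body (not the else) of a live-flag `if`.

    Calls inside the wrapper definition itself (client.post_order within
    place_order) are skipped; the guard is expected at the call site.
    """
    parents = {c: p for p in ast.walk(tree) for c in ast.iter_child_nodes(p)}
    found = []
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call) or _call_name(node) not in ORDER_CALLS:
            continue
        guarded = in_wrapper = False
        prev, cur = node, parents.get(node)
        while cur is not None:
            if (isinstance(cur, ast.If) and any(prev is s for s in cur.body)
                    and _test_mentions_live(cur.test)):
                guarded = True
            if isinstance(cur, ast.FunctionDef) and cur.name in ORDER_CALLS:
                in_wrapper = True
            prev, cur = cur, parents.get(cur)
        if not guarded and not in_wrapper:
            found.append((_call_name(node), node.lineno))
    return found

def divergences(skill_md, code):
    """Return the documented claims that the code does not back up."""
    fm = frontmatter(skill_md)
    tree = ast.parse(code)
    checks = {
        "autostart disabled": fm.get("autostart") == "false",
        "--live flag defined": defines_live_flag(tree),
        "order calls gated on live": not unguarded_order_calls(tree),
    }
    return sorted(name for name, ok in checks.items() if not ok)

if __name__ == "__main__":
    for label, code in (("enforcing", GOOD_CODE), ("claims only", BAD_CODE)):
        print(label, "->", divergences(SKILL_MD, code) or "no divergence")
```

The check is deliberately strict about placement: an order call in the `else` branch of a live-flag `if` is reported, and a missing front matter field counts as a failed claim rather than an unknown. It is a heuristic, so a clean result means the advertised controls have visible implementation points, not that they are correct; it is a reason to read those points, not to skip the review.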

VirusTotal

66/66 vendors flagged this skill as clean.
