ClawHub

Polymarket Candle Volume Spike Trader

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Polymarket trading skill that defaults to simulated trading, though users should understand its strategy is probability-based despite the volume-spike branding.

Install only if you are comfortable giving this skill a Simmer API key. Keep it in paper mode first, review the position-size and max-position tunables, and treat live mode as permission for real USDC trades. Also read the strategy carefully: despite the name, the default implementation appears to trade from Polymarket probability thresholds, not independent volume data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Intent-Code Divergence

Medium
Confidence
93% confidence
Finding
The skill advertises volume-spike detection and cross-market confirmation, but the implementation never reads or validates any volume data and instead bases decisions purely on market probability thresholds. In an automated trading context, this is a material strategy-integrity issue because operators may enable live trading under false assumptions about what signal is being used, leading to unintended real-money trades and risk exposure.

Intent-Code Divergence

Medium
Confidence
89% confidence
Finding
The code claims to trade only lagging coins after a cross-coin confirmation event, but it does not exclude coins that already participated in the original spike and will trade any coin in the next window still meeting the loose lagging condition. This mismatch can cause duplicated or logically invalid trades, increasing unintended exposure and making the live behavior materially different from the documented safeguards.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The manifest explicitly requires a trading API key and configures an automated trading entrypoint, but provides no user-facing disclosure about credential use, trade execution, or the risks of automated market activity. In a trading skill, this omission is more dangerous because users may supply live credentials without understanding scope, automation behavior, or financial risk, increasing the chance of unintended trades or unsafe trust in the agent.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal