ClawHub

Polymarket Whale Streak Trader

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Polymarket copy-trading skill that defaults to paper trading and only makes live trades when explicitly run with the live flag.

Install only if you are comfortable with automated trading. Run it in paper mode first, review the market-matching behavior and tunables, and use a least-privilege Simmer/Polymarket credential with limited funds before ever running with --live.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
84% confidence
Finding
The skill documentation indicates access to environment-provided credentials (`SIMMER_API_KEY`) and network-dependent behavior (`simmer-sdk`, leaderboard/market fetching, optional live trading), but no explicit permissions are declared. This creates a trust and sandboxing gap: users or platforms may approve the skill without realizing it can read secrets and make external requests, including trade execution when run live.

Tp4

High
Category
MCP Tool Poisoning
Confidence
91% confidence
Finding
The stated purpose frames the skill as a whale hot-streak tracker, but the content reveals materially broader behavior: market discovery, independent signal generation, filtering, dynamic sizing, and optional live order execution. This mismatch can mislead reviewers and operators about the real risk surface, causing them to grant approval to a strategy that can autonomously place trades and use credentials under a narrower-sounding description.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal