Security audit

Polymarket Whale Momentum Trader

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed automated Polymarket trading bot, but it needs review because a live-trading client can be reused across runs in a way that weakens its paper-mode safety promise.

Install only if you intentionally want an automated trading skill and understand the financial risk. Start in paper mode, use a scoped SIMMER_API_KEY, keep conservative position limits, and avoid mixing live and paper runs in the same long-lived Python process unless the client caching bug is fixed or the process is restarted between modes.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 90% confidence
Finding: The skill description indicates it uses environment variables and outbound network access, but no permissions are declared. In an agent platform, this creates a trust and policy gap: operators may approve or run the skill without realizing it can read configuration/secrets from the environment and contact external services. In this trading context, network and env access are expected for functionality, but the absence of explicit declaration still makes the capability set less transparent and harder to constrain safely.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.