Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Duola Quant Copy Engine

v1.0.0

Institutional-grade execution playbook for the published `duola` Polymarket copy-trading CLI in lobster-agent workflows. Use when tasks require production-st...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability (flagged)
The SKILL.md clearly implements a production operator for the 'duola' CLI and a third‑party billing gate (SkillPay). That purpose explains use of duola and billing calls, but the registry metadata lists no required environment variables or primary credential. The presence of SkillPay-specific env vars (SKILLPAY_API_URL, SKILLPAY_API_KEY, SKILLPAY_SKILL_ID) in the runtime instructions is inconsistent with the declared 'Required env vars: none'.
Instruction Scope (flagged)
Runtime instructions direct the agent/operator to: export billing API keys, run billing commands, install and invoke the duola CLI, and feed a private key via stdin into 'duola autopilot onboard'. Asking for private keys and external billing operations is within a trading operator's scope, but these instructions also create an exfiltration risk (private key or billing key could be provided to external services). The SKILL.md gives broad discretion to run CLI installs and billing commands without any metadata that documents those external endpoints or who controls them.
Install Mechanism
This is an instruction-only skill (no install spec). It tells operators to install duola via 'npm install -g duola' or local npm build. Using npm is expected for a CLI, but the skill provides no source URL or repository for either the duola package or the skill itself. Verify the duola package provenance on the npm registry before running global installs.
Credentials (flagged)
The instructions require several sensitive values (SKILLPAY_API_KEY, SKILLPAY_API_URL, SKILLPAY_SKILL_ID and user private keys) but the skill metadata declares none. There is no 'primary credential' or declared env list to explain where secrets should come from or how they will be protected. Requesting private keys for live trading is plausible, but the lack of metadata, source, or storage/rotation guidance is disproportionate and risky.
Persistence & Privilege
The skill is 'always: false', user-invocable, and instruction-only with no install artifacts. It does not request persistent platform privileges or modify other skills. Autonomous invocation is allowed by default but not combined with other privilege escalations here.
What to consider before installing
Do not run this skill or export secrets for it until you verify its source and credential requirements. Ask the publisher for a source repository or package name and confirm the SkillPay domain and ownership. Before running:
1) Inspect the 'duola' npm package on the registry (or prefer a pinned git release).
2) Never paste private keys into an unverified agent; prefer hardware or ephemeral signing.
3) Demand that required env vars (SkillPay API key, skill id) be declared in metadata, along with justification for why SkillPay is needed.
4) If you must test, do so in an isolated environment with fake keys and a read-only account.
If the publisher cannot provide a clear source and rationale for the billing integration and secret handling, treat the skill as untrusted.


Tags: copy-trading, latest, lobster-agent, polymarket, skillpay
