Duola Quant Copy Engine
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a coherent Duola/Polymarket trading playbook, but it asks an agent to install an unpinned CLI, handle wallet and billing credentials, and start detached live trading.
Install only if you intentionally want an agent-assisted live Polymarket trading workflow. Verify the npm package and publisher first, use a dedicated low-balance wallet, never expose a main private key, require manual approval before live starts or billing charges, and monitor or stop any detached autopilot process.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could initiate real Polymarket trading activity that may lose funds or create unwanted positions.
The skill instructs the agent/operator to provide the live-trading confirmation phrase and start live trading, including detached mode, without artifact-level requirements for explicit user approval, capital limits, or scoped trade permissions.
duola autopilot start <alias> --confirm-live "I UNDERSTAND LIVE TRADING" --detach
Require explicit user confirmation in the current session before any live command, set hard trade/bankroll limits, and prefer a dry run or limited-cycle validation first.
Mishandling the billing API key or wallet private key could enable unauthorized billing actions or trading/signing activity from the user's wallet.
The skill asks for a billing API key and a wallet private key, both high-privilege credentials, even though the supplied registry metadata declares no required env vars or primary credential.
export SKILLPAY_API_KEY="sk_***"
...
printf '%s' '<private_key>' | duola autopilot onboard <leader_address> \
  --name <alias> --private-key-stdin
Use only dedicated, low-balance trading wallets and least-privilege billing credentials; the skill should declare these credentials clearly and explain storage, retention, and scope.
A compromised, renamed, or unexpected npm package version could receive sensitive credentials or execute trades.
The playbook installs an unpinned npm CLI globally, while the provided skill artifacts contain no reviewed duola code, install spec, lockfile, homepage, or source provenance for a tool that will handle private keys and live trading.
npm view duola version
duola --version
...
npm install -g duola
Verify the duola package source independently, pin a known-good version, review its code and install scripts, and avoid global installation when possible.
Trading may continue after the user thinks the task is complete unless they monitor and stop it.
Detached autopilot is persistent autonomous behavior; the artifact documents status and stop commands, but does not bound how long the process may run or how much financial exposure it may create.
duola autopilot start <alias> --confirm-live "I UNDERSTAND LIVE TRADING" --detach
Do not use detached live mode unless the user explicitly requests it; define max duration, max loss, position limits, monitoring, and a verified stop procedure.
