Back to skill
Skillv1.0.6
VirusTotal security
Polymarket Trading Setup · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 4:06 AM
- Hash
- f91227432cc78e350d1ded2975bb75ac5ece93c82ec5d1ee27ec72bef40de87c
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: polymarket-setup Version: 1.0.6 The skill is classified as suspicious due to its inherent high-risk operations, specifically requiring and handling a user's `POLYMARKET_PRIVATE_KEY` and other sensitive API credentials. While the instructions in `SKILL.md` and `GUIDE.md` appear to be directly aligned with the stated purpose of setting up automated trading on Polymarket, the process involves deriving new API keys from the private key and explicitly instructing the agent to write these derived credentials to the `.env` file. This direct manipulation and persistence of sensitive financial secrets, combined with the ability to place real financial orders, represents a significant risk, even if no explicit malicious intent (like exfiltration to unauthorized domains) is observed. All network calls are to legitimate Polymarket domains.
- External report
- View on VirusTotal