ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Polymarket Oracle

v1.0.1

Multi-strategy arbitrage and trading bot for Polymarket prediction markets. Scans ALL markets (crypto, politics, sports, economics, entertainment) for parity...

0· 408·0 current·0 all-time
byWesley Armando@georges91560
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
high confidence
Purpose & Capability
The name/description (Polymarket arbitrage bot) match the included code and runtime behavior (scanning Polymarket APIs and placing orders). Requiring POLYMARKET_API_KEY/SECRET/PASSPHRASE is appropriate for trading. However the registry metadata claimed no required env/configs while SKILL.md and code require API credentials — a mismatch in metadata vs implementation.
!
Instruction Scope
Runtime instructions and docs explicitly instruct reading/writing credentials files (e.g., /etc/polymarket-oracle/credentials.env), creating API keys using a wallet private key, and show a systemd unit that embeds secrets. The docs both warn against storing the WALLET_PRIVATE_KEY on the server and simultaneously provide a systemd example that places WALLET_PRIVATE_KEY in Environment lines (contradiction). The instructions therefore allow (and even encourage, via the service example) storing highly sensitive secrets on the running host — scope creep beyond a scanner-only role.
Install Mechanism
There is no automated install spec (instruction-only install), and the code uses only the Python standard library at runtime. The README/config suggest optionally installing py-clob-client locally to create API keys; this is reasonable. No arbitrary network-installs or downloads from suspicious hosts are present in the manifest. Risk is primarily operational (how user deploys), not from a packaged installer.
!
Credentials
Requesting Polymarket API_KEY/SECRET/PASSPHRASE is proportionate to trading. However the presence of WALLET_PRIVATE_KEY in multiple places (env docs, systemd service example, credentials file examples) is problematic: the project alternately says 'only use private key locally once' and then shows ways to put the private key on the server/service. Registry metadata omitted required env vars entirely, increasing confusion. The skill thus mixes appropriate credential requests with instructions that could expose full-wallet private keys — disproportionate if the intent is only to run trades via API keys.
Persistence & Privilege
The skill does not request always:true and does not modify other skills. The documentation strongly encourages running the bot as a systemd service (enable on boot, auto-restart) which increases persistence on a host — normal for a trading bot. Combined with the unsafe secret-handling examples, persistent deployment increases the blast radius if secrets are stored insecurely.
What to consider before installing
This package implements a real-money trading bot and needs your Polymarket API key/secret/passphrase — that part is expected. Key concerns: (1) The manifest metadata is inconsistent with the SKILL.md/code (metadata claims no env vars but the code requires credentials). (2) The docs both tell you NOT to store your WALLET_PRIVATE_KEY on the server and then provide a systemd example that embeds it into the service file/credentials file — do not follow that example. Best practices before installing: generate Polymarket API keys locally using your wallet private key, then provide only the API_KEY/SECRET/PASSPHRASE to the running bot; never put your wallet private key on the server or in systemd Environment lines. Run the bot in simulation mode first; review the full code yourself (or have a trusted reviewer) to confirm it only uses the API keys for trading and does not exfiltrate credentials. If you proceed, store credentials in a tightly permissioned EnvironmentFile (chmod 600 root:root), avoid embedding secrets in unit files, and consider running within an isolated VM/container with restricted network access and monitoring. If you want greater assurance, ask the author to fix the manifest (declare required env vars and remove contradictory examples) and to remove any examples that recommend embedding private keys in service units.

Like a lobster shell, security has layers — review code before you run it.

arbitragevk97abzybykhrtybky3m7t7ppgs81zs9yautomationvk97abzybykhrtybky3m7t7ppgs81zs9ylatestvk97eagavs8dc8vghhx01cy1dxx81yy1tmulti-strategyvk97abzybykhrtybky3m7t7ppgs81zs9yopportunitiesvk97abzybykhrtybky3m7t7ppgs81zs9ypolymarketvk97abzybykhrtybky3m7t7ppgs81zs9yprediction-marketsvk97abzybykhrtybky3m7t7ppgs81zs9yscannervk97abzybykhrtybky3m7t7ppgs81zs9ytradingvk97abzybykhrtybky3m7t7ppgs81zs9y

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🎯 Clawdis
Binspython3

Comments