Vincent - Polymarket

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Polymarket trading skill, but it gives agents real-money trading and withdrawal authority with weak initial controls.

Review carefully before installing. Claim the wallet and configure strict spending limits, mandatory approvals, and withdrawal controls before funding it; only use funds you can afford to lose; avoid sharing relink tokens in ordinary chat when possible; and prefer pinned or otherwise reviewed CLI versions instead of relying blindly on @latest.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Intent-Code Divergence

Medium
Confidence: 96%
Finding
The documentation prominently frames the system as policy-constrained, but later states that newly created wallets can trade without any restrictions until the wallet is claimed. That creates a real unsafe window in which an autonomous agent can place trades or move funds before human controls are established, undermining the stated security model and potentially causing unauthorized financial loss.

Vague Triggers

Medium
Confidence: 87%
Finding
The trigger phrases are broad enough that normal conversation about prediction markets or betting could invoke a skill that can create wallets, place trades, and withdraw funds. In the context of a high-risk financial skill, accidental invocation materially increases the chance of unintended market actions or account setup without clear user intent.

Missing User Warnings

High
Confidence: 95%
Finding
This skill enables real-money trading, cross-wallet transfers, and withdrawals, yet the documentation does not prominently warn that funds can be lost, trades may be irreversible, markets are volatile, and transfers to wrong addresses may not be recoverable. Because this is an autonomous trading skill, inadequate risk disclosure makes unsafe use more likely and increases the severity of user harm.

VirusTotal

66/66 vendors flagged this skill as clean.
