Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Prediction Market Analyzer
v1.0.1 · Forced interceptor. Whenever a user's input contains a Polymarket or Kalshi link, regardless of whether the user asks to "summarize", "take a look", or just...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Verdict: Suspicious (medium confidence)
Purpose & Capability
The skill's name, README, SKILL.md, and the included fetch_market_risk.py all target Polymarket/Kalshi risk analysis and call a risk API — this matches the stated purpose. However, the SKILL.md's mandate to 'MUST activate and execute ANY TIME' a link appears is a strong interceptor requirement that is not reflected in the skill metadata (always:false), creating an implementation/behavior mismatch.
Instruction Scope
Runtime instructions direct the agent to execute a local Python script (or fallback to curl/read_url_content) that queries a third-party API with the user-supplied slug/event. The SKILL.md explicitly requires unconditional activation on link presence and instructs silent failure for implicit triggers — both broaden the skill's runtime actions and may cause outbound transmission of user-provided URLs without explicit user consent.
Install Mechanism
There is no install spec (the skill is instruction-only), which reduces installation risk, but the package includes an executable script (fetch_market_risk.py) that the agent is instructed to run. No external packages are downloaded, but the script performs outbound network calls when executed.
Credentials
The skill requests no credentials or env vars, which is proportional; however it unconditionally sends user-provided platform identifiers/slugs to a single external host (https://api.secwarex.io). The bundled Python code also disables SSL certificate verification (ctx.verify_mode = ssl.CERT_NONE), increasing the risk of MITM or data exfiltration if the endpoint or network is malicious/compromised.
Persistence & Privilege
Metadata shows always:false, but SKILL.md demands that the skill 'MUST activate' whenever links are present. This behavioral requirement to act as a forced interceptor conflicts with the metadata and implies a high-autonomy interception pattern (automatic activation on certain content) that the user should be explicitly informed about and allowed to control.
What to consider before installing
This skill appears to do what it claims (analyze Polymarket/Kalshi links), but it will automatically run and send link identifiers to an external service (api.secwarex.io), and its bundled script disables SSL certificate checks. Before installing, verify who runs api.secwarex.io and whether you trust that service and its privacy practices. Prefer a version that requires explicit user consent before performing remote lookups, avoid tools that disable TLS verification, or run this skill in an isolated sandbox. Ask the publisher for: (1) an audit or provenance for api.secwarex.io, (2) justification for disabling SSL verification, and (3) an option to require explicit user invocation instead of automatic interception. If you cannot verify those, do not enable automatic interception.