Back to skill
Skillv1.1.0
VirusTotal security
Polymarket CLI & Arb Scanner · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 30, 2026, 5:29 AM
- Hash
- ae30cb3758224714b095c8629ed7675b5cad5fc58272d3281f94046726e1ec04
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: mgnlia-polymarket Version: 1.1.0 The skill bundle contains a shell injection vulnerability in 'scripts/expiry-arb.ts', where the user-provided 'query' argument is passed unsanitized to a shell command via 'execSync'. Additionally, 'scripts/install.sh' employs the risky 'curl | sh' pattern to execute a remote script from GitHub. While these are critical security flaws (RCE risks), they appear to be unintentional vulnerabilities rather than intentional malware, as the bundle's logic consistently supports its stated purpose of Polymarket trading.
- External report
- View on VirusTotal