Polymarket Arb Bot

A compromised or malicious market-data response could run code locally under the user's account.

The bot evaluates a market-data field as Python code. If that field is malformed or controlled through an upstream/API compromise, it could execute arbitrary code on the user's machine.

Anyone with a valid wallet private key can control the associated wallet and potentially move or spend funds.

The static scan reports that the package includes a wallet backup file containing private-key material.

Users may not realize before install that the skill needs sensitive wallet authority capable of placing real trades.

The skill asks for wallet-signing credentials, while the registry metadata declares no required env vars and no primary credential.

Once enabled and running, the bot can spend funds automatically based on its strategy without per-order approval.

The code directly invokes the Polymarket CLI to create buy orders using wallet signing authority.

The bot can continue operating and trading after the terminal is closed or after a crash, which increases the chance of unintended ongoing financial activity.

The instructions run the trading bot in the background and add a cron watchdog that automatically restarts it every five minutes.

Users depend on whatever package version is current at install time, which matters more because the tool handles trading authority.

The skill documents a global install of an unpinned npm package that is central to wallet-backed trading operations.

Users may over-trust the bot and allocate more funds than they can afford to lose.

The report makes strong profitability/reliability claims for an automated trading system, even though trading outcomes remain uncertain.