Skill v0.1.0
ClawScan security
Nash0 Polymarket CLI · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 13, 2026, 6:07 PM
- Verdict: Benign
- Confidence: high
- Model: gpt-5-mini
- Summary: This is an instruction-only skill that documents how an agent should use the Polymarket CLI; its stated purpose, required privileges, and instructions are internally consistent and it does not request secrets or install code itself.
- Guidance: This skill is an instruction-only guide for using the Polymarket CLI and appears coherent. Before installing/using it, make sure: (1) you have (or will install) the official polymarket binary from a trusted source (verify the GitHub tap URL), (2) the agent/runtime does not have access to your private key environment variables or ~/.config/polymarket/config.json (the CLI can read those if present), and (3) you require explicit confirmation before any trading, wallet-management, approval, or on-chain write commands; the skill documents those safeguards but the platform/agent must enforce them. If you want the agent to run commands, consider restricting the agent’s filesystem and environment so secrets cannot be accidentally read.
Review Dimensions
- Purpose & Capability: ok. The name/description match the SKILL.md: the skill is purely a usage guide for the polymarket CLI (browsing markets, reading CLOB data, and optionally trading with explicit confirmation). It does not declare unexpected credentials or unrelated binaries. Minor note: the skill expects the 'polymarket' binary to exist but the registry metadata lists no required binaries; the SKILL.md includes install hints (Homebrew) instead of a formal requires entry.
- Instruction Scope: ok. Runtime instructions are narrowly scoped to running the CLI and prefer read-only commands; the file explicitly forbids reading ~/.config/polymarket/config.json and forbids running wallet-management commands without the user. There are no instructions to collect or transmit data to third-party endpoints beyond the CLI itself.
- Install Mechanism: ok. There is no install spec in the registry (lowest-risk instruction-only skill). The SKILL.md suggests Homebrew install from a GitHub tap, which is a reasonable, low-risk approach. The install instructions are truncated in the included file but reference an official GitHub tap URL.
- Credentials: ok. The skill requests no environment variables or credentials. It documents how the CLI sources private keys (e.g., POLYMARKET_PRIVATE_KEY and ~/.config/polymarket/config.json) and explicitly instructs the agent not to read those sources; this is proportionate. Users should still ensure the agent process has no access to private keys or env vars if they want to avoid accidental exposure.
- Persistence & Privilege: ok. The skill is not always-included and allows normal autonomous invocation controls. It does not request persistent installation or modify other skills or system settings.
