Polygon Agents CLI
Pending
Static analysis audit pending.
Overview
No static analysis result has been recorded yet. Pattern checks will appear here once the artifact has been analyzed.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If installed, the agent may access a local Polygon/Sequence access key and use it with wallet sessions capable of blockchain operations.
The skill instructs the agent to read a local wallet/project credential and place it into environment variables for later wallet operations. This is high-impact credential/session access, while the registry metadata declares no required env vars, primary credential, or config paths.
Before running any commands, use the Read tool to check `~/.polygon-agent/builder.json`: ... extract `accessKey` from the JSON and export as plain shell vars
Only use this after setup you trust, keep spend limits low, do not share the access key or private key, and revoke or remove sessions you no longer need.
A mistaken or unauthorized broadcast command could move funds or create irreversible on-chain actions.
The CLI exposes commands that can transfer, swap, deposit, or otherwise spend tokens. The artifacts also state that write commands are dry-run by default and require --broadcast, so this is disclosed and purpose-aligned, but still financially sensitive.
polygon-agent send --to <addr> --amount <num> [--symbol <SYM>] [--broadcast] ... polygon-agent swap --from <SYM> --to <SYM> --amount <num> ... [--broadcast] ... polygon-agent deposit --asset <SYM> --amount <num> ... [--broadcast]
Preview transactions without --broadcast first, verify recipient addresses and amounts, and require explicit user confirmation before broadcasting.
You are trusting external package and helper-binary downloads to handle wallet credentials and transactions.
The skill delegates execution to an external npm package and a downloaded helper binary. This is central to the CLI workflow and disclosed, but the skill itself includes no reviewed code, no install spec, and no pinned package version.
Run via npx: `npx @polygonlabs/agent-cli <command>` ... Or install globally ... `npm install -g @polygonlabs/agent-cli` ... `cloudflared` is auto-downloaded to `~/.polygon-agent/bin/` on first use.
Verify the npm package, repository, and release version before use; prefer pinned versions and avoid running it in environments with unrelated sensitive credentials.
Approval URLs and session blobs are sensitive; mishandling them could affect wallet-session security.
The approval flow uses a hosted connector and Cloudflare tunnel to return an encrypted session blob. This is disclosed and part of the workflow, but it is a sensitive cross-service communication path.
The CLI automatically opens a Cloudflare Quick Tunnel (`*.trycloudflare.com`) and passes the callback URL to the connector UI ... the CLI receives the session automatically.
Open approval URLs only from trusted runs, do not truncate or share them beyond the intended user, and delete temporary session blobs when no longer needed.
