Skill v1.0.0

ClawScan security

Prediction Market Aggregator · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Feb 21, 2026, 8:21 PM
Verdict: suspicious
Confidence: high
Model: gpt-5-mini
Summary
The skill's documentation claims integration with APIs that require keys and signing and references another skill dependency, but the registry entry declares no credentials, dependencies, or source — these mismatches are concerning.
Guidance
This skill's description says it will call multiple external APIs (Polymarket, Manifold, Kalshi) and even perform EIP-712 signing, but the registry lists no required API keys or dependencies — that's inconsistent. Before installing or using it, ask the publisher for: (1) the full source or manifest so you can audit network calls; (2) an explicit list of required environment variables and whether any private keys or signing capabilities are needed (never provide private wallet keys); (3) how credentials are stored and used (prefer read-only API keys scoped with minimal permissions); (4) whether it will invoke other skills (e.g., argus-edge) and whether those are available/trusted. If they cannot supply clear, verifiable answers or a public repo, treat the skill cautiously and run it only in a restricted/sandboxed environment or not at all.
Findings
[no_code_files] expected: The static scanner found no files to analyze because this is an instruction-only skill. That explains the lack of findings but provides no assurance about runtime behavior or required credentials.

Review Dimensions

Purpose & Capability
Concern: The SKILL.md describes direct integration with Polymarket (including EIP-712 signing), Manifold, Kalshi (API keys), and an Argus 'argus-edge' skill. However, the registry metadata lists no required env vars, no primary credential, and no declared dependency on other skills. Real use of Polymarket/Kalshi/Manifold typically requires API keys and (for Polymarket trading) signing keys; those are not declared, which is inconsistent with the stated purpose.
Instruction Scope
Concern: The instructions tell the agent to query multiple external APIs and to 'plug into' an Argus edge-detection skill but give no concrete auth/endpoint guidance or handling for credentials. The SKILL.md implicitly expects network calls and cross-skill invocation, but does not specify how credentials are obtained, stored, or protected.
Install Mechanism
OK: This is an instruction-only skill with no install spec and no code files. That reduces supply-chain risk from arbitrary downloads, but also means there is no source code to review—making it harder to verify behavior.
Credentials
Concern: The skill claims it will use APIs that usually require API keys and EIP-712 signing (which could imply wallet private keys), yet requires.env is empty. Requesting private keys or signing ability would be high-risk; the absence of declared env vars is a mismatch and a red flag.
Persistence & Privilege
Note: always:false (normal) and disable-model-invocation:false (normal autonomous capability). The skill references invoking another skill ('argus-edge') but does not request elevated or persistent system-level privileges or the ability to modify other skills' configs.