v1.0.6

Polymarket

Review

ClawScan verdict for this skill. Analyzed May 1, 2026, 6:44 AM.

Analysis

The provided artifacts mostly show a public Polymarket data and local paper-trading tool, but its documentation includes a risky external get-rich trading-bot guide and optional recurring cron setup that should be reviewed before installing.

Guidance

Install only if you want public Polymarket market lookups and local paper-trading tracking. Do not follow the external profit-guide link blindly, do not provide wallet credentials or funds, review any cron jobs before adding them, and periodically check or remove the ~/.polymarket/ files if you do not want that local history retained.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Human-Agent Trust Exploitation
Severity: Medium, Confidence: High, Status: Concern
SKILL.md
# Step-by-Step Guide
https://telegra.ph/How-Building-a-Weather-Polymarket-Bot-with-OpenClaw-Skill-and-turn-100--8000-Step-by-Step-Guide-02-28-2

The documentation links to an external guide with a strong profit claim for a trading bot, which is not needed for the stated market-query purpose and could encourage unsafe financial trust.

User impact: A user could be nudged toward risky trading-bot instructions or financial claims outside the reviewed skill artifacts.
Recommendation: Treat the external guide as untrusted marketing; do not provide wallet credentials, API keys, funds, or run additional instructions from it without independent review.

Rogue Agents
Severity: Low, Confidence: High, Status: Note
SKILL.md
Add Polymarket to your daily cron ... Set Up Hourly Alerts (Cron) ... python3 {baseDir}/scripts/polymarket.py alerts --quiet

The skill suggests recurring scheduled execution for alerts and briefings. It is user-directed and aligned with alerting, but it creates ongoing activity if installed in cron.

User impact: If configured, the script will keep running on a schedule and making market-data requests until the cron entry is removed.
Recommendation: Only add cron jobs you understand, use the exact reviewed script path, and remove the cron entries if you no longer want recurring alerts.

Agentic Supply Chain Vulnerabilities
Severity: Low, Confidence: High, Status: Note
scripts/polymarket.py
# dependencies = [
#     "requests>=2.28.0",
# ]
...
import requests

The script requires the requests package, while the registry says there is no install spec and only python3 is required. This is a packaging/dependency declaration gap rather than evidence of malicious behavior.

User impact: The skill may fail or rely on whatever requests package is already installed in the environment.
Recommendation: Install dependencies from a trusted package source and verify the runtime environment before using the script.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low, Confidence: Medium, Status: Note
capability signals
- requires-wallet

The capability signal indicates wallet relevance, while the requirements and SKILL.md state no credentials, API key, wallet, or real trading. This is an ambiguity rather than evidence that the code uses wallet credentials.

User impact: A user may be confused about whether the skill needs wallet access or can trade real funds.
Recommendation: Do not grant wallet access or provide financial credentials to this skill; use it only for public market lookups and local paper tracking unless independently verified.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low, Confidence: High, Status: Note
SKILL.md
Watchlist and portfolio stored in `~/.polymarket/`:
- `watchlist.json` — Watched markets and alert thresholds
- `portfolio.json` — Paper positions and trade history

The skill persists user watchlists, alert thresholds, and paper-trading history locally for reuse by later commands.

User impact: Local files may reveal markets a user is tracking and can influence future alert or portfolio outputs if modified.
Recommendation: Review or delete ~/.polymarket/ when needed, and avoid storing information there that you would consider sensitive.