Prediction Bridge Skill

Pass

Audited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill
Name: prediction-bridge
Version: 1.0.0

The skill bundle itself does not contain explicitly malicious code. However, it presents two significant vulnerabilities. First, the `SKILL.md` instructs the OpenClaw agent to execute `python scripts/prediction_bridge.py` with user-provided arguments; if the agent does not properly shell-escape those arguments, this creates a critical shell injection (RCE) vulnerability. Second, the `scripts/prediction_bridge.py` script allows the `PREDICTION_BRIDGE_URL` to be overridden via an environment variable, which, if an attacker can control it (e.g., through prompt injection against the agent), could lead to Server-Side Request Forgery (SSRF) by redirecting API calls to an arbitrary endpoint. Both are vulnerabilities in the agent's interaction with the skill, not direct malicious intent within the skill's code.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent may run the included Python CLI to fetch market data when asked.

Why it was flagged

The skill operates by running a bundled local Python script. This code execution is clearly disclosed and central to the skill's purpose, with no dependency install or unrelated execution behavior shown.

Skill content

Run the script at `scripts/prediction_bridge.py` with the appropriate command. It uses only Python stdlib — no pip install needed.

Recommendation

Install only if you are comfortable with the agent running this bundled read-only API client for prediction-market lookups.

What this means

Search terms, market IDs, and wallet addresses used in commands may be visible to the external API service.

Why it was flagged

The script sends API requests to a hosted Prediction Bridge endpoint, with an optional environment-variable override. This is disclosed and purpose-aligned, but user queries and wallet addresses become data sent to that service.

Skill content

BASE_URL = os.environ.get("PREDICTION_BRIDGE_URL", "https://prediction-bridge.onrender.com")

Recommendation

Avoid entering private or sensitive text as search queries, and verify the API endpoint before overriding `PREDICTION_BRIDGE_URL`.

What this means

Users have less external context for verifying who operates the API or how reliable the returned market data is.

Why it was flagged

The registry information does not provide a source repository or homepage for independently verifying the publisher or hosted service provenance.

Skill content

Source: unknown; Homepage: none

Recommendation

Review the included script and only rely on the market data if you trust the skill publisher and the hosted API endpoint.