Polymarket Scout — Orion

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only Polymarket/BTC analysis skill with a disclosed paid Orion upsell and no hidden code or system access.

Safe to install as an instruction-only skill, but treat its trading-signal output as informational. Verify any Polymarket, on-chain, or odds claims from primary sources, and manually review the Orion/ACP agent identity, offering, price, and payment approval before spending money.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The invocation examples include generic phrases like "what's the crowd betting on?" and "prediction market consensus?" that are broad enough to match ordinary user conversation outside the intended skill scope. In systems that route skills by prompt matching, this can cause unintended activation, steering users into trading-related output or promotional upsell flows when they did not explicitly request this skill.

VirusTotal

50/50 vendors flagged this skill as clean.

View on VirusTotal