Polymarket CLI Trading

Security checks across malware telemetry and agentic risk

Overview

This is a transparent Polymarket CLI helper, but it can affect real-money accounts and includes an optional remote shell installer that users should avoid.

Install this only if you want an agent to help operate the Polymarket CLI. Prefer the Homebrew install path, avoid the curl-to-shell installer unless you independently review and verify it, keep private keys and API keys out of chat and shell history, and require explicit confirmation for every account-affecting command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Tool Misuse: Tool Parameter Abuse, Chaining Abuse, Unsafe Defaults
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Missing User Warnings

Medium
Confidence: 98%
Finding: The skill instructs users to pipe a remotely fetched shell script directly into `sh`, which executes unreviewed code from the network immediately. If the upstream GitHub content, repo, branch, or delivery path is compromised, users could run arbitrary code on their machine with the permissions of the invoking user.

External Script Fetching

Low
Category: Supply Chain
Content:
**Shell script:**
```bash
curl -sSL https://raw.githubusercontent.com/Polymarket/polymarket-cli/main/install.sh | sh
```

**Build from source:**
Confidence: 95%
Finding: `curl -sSL https://raw.githubusercontent.com/Polymarket/polymarket-cli/main/install.sh | sh`

Chaining Abuse

High
Category: Tool Misuse
Content:
**Shell script:**
```bash
curl -sSL https://raw.githubusercontent.com/Polymarket/polymarket-cli/main/install.sh | sh
```

**Build from source:**
Confidence: 98%
Finding: `| sh`

VirusTotal

66/66 vendors flagged this skill as clean.
