Skill v1.0.0
ClawScan security
Polymarket CLI Trading · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 4, 2026, 5:06 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is internally consistent with its stated purpose: it wraps the Polymarket CLI, requires only that binary, and its instructions and install steps align with trading on Polymarket without requesting unrelated credentials or system access.
- Guidance: This skill appears coherent and implements the official CLI workflow. Before installing or using it: (1) prefer Homebrew or building from source over piping a remote install script into sh; (2) never paste your private key into chat; keep it in your local CLI config or a secure wallet/hardware signer; (3) always verify the exact command the agent will run (the skill already recommends this) before allowing trade execution; (4) if you are uncomfortable with autonomous agent actions, keep the skill user-invocable only (do not enable automatic invocation); and (5) consider using small amounts or a test wallet while learning, to avoid accidental monetary loss.
Review Dimensions
- Purpose & Capability: ok. Name/description match the actual requirements and behavior: the skill requires the 'polymarket' CLI and provides terminal commands for browsing markets, placing orders, and managing positions, all coherent with Polymarket trading.
- Instruction Scope: ok. SKILL.md instructs the agent to run only Polymarket CLI commands, check wallet state, and read the CLI config (~/.config/polymarket/config.json) or POLYMARKET_PRIVATE_KEY if present. It emphasizes showing commands and confirming trades before execution, and does not direct reading unrelated files or exfiltrating data.
- Install Mechanism: note. Registry install spec uses Homebrew (formula 'polymarket'), which is proportional. The README/SKILL.md also documents alternative install methods (a raw.githubusercontent.com install script piped to sh, and building from source). While GitHub raw URLs are common, piping remote scripts to sh is higher risk in general; prefer Homebrew or building from source when possible.
- Credentials: ok. No required environment variables are declared. The documentation mentions POLYMARKET_PRIVATE_KEY and the CLI config file as the ways the CLI resolves private keys; this is expected for a trading CLI and is proportional to the skill's purpose. No unrelated credentials or broad secrets are requested.
- Persistence & Privilege: ok. The skill does not request 'always: true' or system-wide configuration changes. It is user-invocable and can be called autonomously (default), which is normal for skills; there is no indication it modifies other skills or system-wide agent settings.
