Polymarket Candle Momentum

Security checks across malware telemetry and agentic risk

Overview

This appears to be a disclosed trading automation skill with real financial risk, but its sensitive behavior is aligned with its stated purpose and includes paper-mode and live-trade confirmation guidance.

Use this only with exchange keys scoped to trading, never withdrawal access, and start in paper mode. Before enabling live mode, confirm the exact market, pair, amount, daily limits, stop-loss/drawdown settings, and whether the command truly requires a live confirmation flag.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 91% confidence
Finding: The skill documentation describes use of environment variables and outbound network access, but no explicit permissions are declared. In an agent ecosystem, undeclared capabilities weaken user consent and policy enforcement because the skill can access secrets and external services without transparent capability scoping.

Vague Triggers

Medium

Confidence: 79% confidence
Finding: The skill is described in broad terms as scanning markets, selecting the strongest signal, and handling trade execution plumbing, without clear invocation and safety constraints in the trigger surface. For a trading skill, vague scope can lead an agent to invoke it in overly broad contexts, increasing the chance of unintended financial actions.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal