Polymarket Sports Arbitrage

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed sports-odds scanner that polls The Odds API or demo data and writes local JSON results; its main risk is a configurable output file path.

Install only if you want a managed scanner running every 30 minutes. Use a limited-purpose Odds API key, expect API quota usage, and leave RESULTS_FILE at the default or set it to a dedicated non-sensitive file path.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Taint Tracking: Direct Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Tainted flow: 'RESULTS_FILE' from os.environ.get (line 36, credential/environment) → open (file write)

Medium
Category
Data Flow
Content
    combined = combined[-500:]

    try:
        with open(RESULTS_FILE, "w") as fh:
            json.dump(combined, fh, indent=2)
        log.info(
            "Results saved to %s (%d new, %d total).",
Confidence
90% confidence
Finding
with open(RESULTS_FILE, "w") as fh:

Tainted flow: 'RESULTS_FILE' from os.environ.get (line 36, credential/environment) → open (file write)

Medium
Category
Data Flow
Content
        # Still write an empty-run marker so the file always exists
        if not os.path.exists(RESULTS_FILE):
            try:
                with open(RESULTS_FILE, "w") as fh:
                    json.dump([], fh)
            except OSError:
                pass
Confidence
89% confidence
Finding
with open(RESULTS_FILE, "w") as fh:

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill documentation describes use of environment variables, outbound network access to The Odds API, and writing results to a local file, but no corresponding permissions are declared. This creates a capability/transparency mismatch: reviewers and runtime policy may assume the skill is less privileged than it actually is, increasing the risk of unintended data access, unauthorized network use, or writing to sensitive paths if RESULTS_FILE is overridden.

VirusTotal

64/64 vendors flagged this skill as clean.