v2.0.3

Torch Prediction Market Kit

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 5:42 AM.

Analysis

This is a disclosed live Solana market bot that can continuously create markets and spend vault funds, so it should be carefully reviewed and tightly limited before use.

Guidance: Install or run this only if you intentionally want a live DeFi bot. Use a dedicated vault with limited funds, a fresh disposable controller key, pinned and verified dependencies, and manually reviewed markets.json entries; stop the process and revoke the vault wallet link when you are done.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High | Confidence: High | Status: Concern
SKILL.md
This is not a read-only scanner. This is a fully operational market maker that generates its own keypair, verifies vault linkage, creates tokens, seeds liquidity, and resolves markets autonomously in a continuous loop.

The skill explicitly performs on-chain financial actions, including creating tokens and seeding liquidity from a vault, rather than only providing analysis or read-only monitoring.

User impact: If run with a funded and linked vault, it can create public Solana markets and spend vault SOL according to its market definitions.
Recommendation: Only run it with a dedicated vault, limited funds, reviewed market definitions, and clear transaction/spend limits.
Cascading Failures
Severity: Medium | Confidence: High | Status: Concern
SKILL.md
It reads your `markets.json` file, creates Torch tokens for pending markets, seeds them with initial liquidity from your vault, monitors price and volume, and resolves them at the deadline

A local file drives multiple on-chain actions; incorrect or tampered market entries can propagate into irreversible blockchain transactions and vault-funded liquidity.

User impact: Bad entries in markets.json could result in unwanted market creation or vault spending before a human notices.
Recommendation: Protect markets.json from untrusted edits, review changes before each run, and add total spend/cycle caps where possible.
Rogue Agents
Severity: Medium | Confidence: High | Status: Concern
lib/kit/index.js
while (true) { ... await marketCycle(connection, log, config.marketsPath, config.vaultCreator, agentKeypair); ... setTimeout(resolve, config.scanIntervalMs)

The entrypoint implements an indefinite autonomous loop with no built-in end condition beyond stopping the process.

User impact: Once started, the bot can continue checking the file and taking market actions repeatedly until stopped.
Recommendation: Run it under explicit supervision, use process controls, and revoke the agent wallet from the vault when it should no longer act.
Agentic Supply Chain Vulnerabilities
Severity: Medium | Confidence: Medium | Status: Concern
lib/kit/index.js
const torchsdk_1 = require("torchsdk");

Core transaction behavior depends on a package-name import. Because the registry states there is no install spec while the artifacts reference an optional npm installation, users should verify which torchsdk package/version will actually execute.

User impact: A different installed dependency version could affect the transactions built and submitted by this financial bot.
Recommendation: Use pinned dependencies, verify package integrity, and confirm the runtime uses the reviewed SDK code before funding or linking a vault.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Note
agent.json
"SOLANA_PRIVATE_KEY", "description": "Disposable controller keypair ... Optional ... If provided, should be a fresh keypair with ~0.01 SOL for gas. Holds no value. All market capital lives in the vault.", "sensitive": true

The private key is optional and described as disposable, but it is still sensitive signing authority and is paired with a vault link for delegated on-chain actions.

User impact: Using a valuable or broadly authorized wallet would expose more authority than the skill says it needs.
Recommendation: Use only a fresh disposable controller key, keep minimal gas funds on it, and revoke its vault link when finished.