Skill v2.0.0

ClawScan security

Polymarket API Guide · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 23, 2026, 4:36 AM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's code and instructions match its stated purpose (Polymarket data access and CLOB trading) and there are no obvious incoherent requests, but it performs sensitive actions (deriving API creds from a wallet private key and placing live orders) so users should be careful about secrets and runtime invocation.
Guidance
This package is coherent for Polymarket data access and trading, but it includes code that will derive API credentials from a wallet private key and place live orders. Before installing or running:
1) Never paste your real private key into code you haven't audited; prefer ephemeral/test keys or API tokens with limited scope.
2) Clarify whether you should supply private_key/wallet_address via environment variables or function arguments; avoid storing long-term secrets in plaintext in the skill folder.
3) Review requirements.txt and the py-clob-client package versions before pip install.
4) Run trading-capable code only in an isolated environment and consider disabling autonomous invocation or requiring explicit user approval when the agent would perform trades.
5) If a key is accidentally exposed, rotate it immediately.
If you want just read-only data, use the public endpoints and avoid initializing the PolymarketClient with private keys.
Findings
[no_findings] expected: Static pre-scan reported no injection signals. The absence of findings is not proof of safety, but is consistent with this package containing readable Python examples and no obfuscated or network-install code patterns.

Review Dimensions

Purpose & Capability
ok
The name/description (Polymarket API & CLOB) align with the included examples and libraries: market discovery, WebSocket realtime, orderbook analysis, and a trading client that uses the py-clob-client SDK. All external endpoints are Polymarket-related, and no unrelated service credentials or binaries are requested.
Instruction Scope
note
SKILL.md plus the examples include live trading operations (CLOB SDK), deriving API credentials from a private key, and order placement. Those instructions stay within the declared domain (Polymarket), but they require handling sensitive secrets (private keys). The skill explicitly excludes trading strategies, but it does include code that will perform actual trades if given keys and invoked.
Install Mechanism
ok
No install spec in registry; this is an instruction+code bundle. Dependencies are Python packages (requirements.txt and an import of py-clob-client). There are no downloads from untrusted URLs or archive extracts in the manifest. Installing the listed requirements via pip is the expected mechanism.
Credentials
note
The registry declares no required env vars, but SKILL.md mentions optional POLYMARKET_API_KEY/POLYMARKET_API_SECRET, and the library expects a wallet private_key and wallet_address to be supplied to the constructor. Requesting a private key (or using an API key/secret) is proportionate for a trading client, but it is sensitive; since the registry does not require tokens in env, secret handling is left to the user. The mapping between the 'optional env vars' in the docs and the library's private_key parameter is slightly inconsistent and should be clarified.
Persistence & Privilege
ok
The always field is false, and the skill does not request elevated platform privileges or attempt to modify other skills. It can perform autonomous invocation (the default), which is normal, but users should be aware that autonomous operation combined with trading-capable code increases risk if the agent has access to secrets.