Graph Polymarket MCP

Security checks across malware telemetry and agentic risk

Overview

This is a read-only Polymarket data MCP server whose main risk is protecting the optional HTTP/SSE endpoint and Graph API key.

Use a dedicated Graph API key and monitor quota. Prefer stdio/local use unless you intentionally need SSE. If using --http or --http-only, do not publish the endpoint to an untrusted network without access controls such as firewalling, authentication, and TLS through a trusted proxy.

SkillSpector

By NVIDIA

Vulnerability Patterns

Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 85% confidence
Finding: The README encourages running the server in HTTP/SSE mode for remote agents and shows a localhost endpoint, but it does not warn that changing the bind address, port exposure, reverse proxying, or remote deployment can make the MCP interface reachable by other users on the network. For an MCP server that exposes data-querying tools and consumes secrets via environment variables, undocumented network exposure can lead to unauthorized tool use, resource abuse, and unintended data access in real deployments.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal