LuckyLobster

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate-looking Polymarket trading skill, but it deserves review because it can persist a trading key and create automated or copy-trading strategies that may spend funds without per-trade prompts.

Install only if you intentionally want an AI agent connected to a funded Polymarket account. Use a limited-balance account, set strict budgets and expirations, require explicit confirmation before orders, approvals, redemptions, or strategy creation, review any copy-trade target carefully, monitor active strategies, and know how to pause strategies or revoke the API key.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access

Findings (4)

Description-Behavior Mismatch

Medium, 95% confidence
The manifest says the skill is for searching markets, placing orders, and managing positions, but the file also exposes autonomous server-side strategies that can continue trading without per-action user involvement. This hidden expansion of capability materially changes the risk profile, especially because it includes persistent automated execution and copy trading.

Context-Inappropriate Capability

Medium, 93% confidence
Copy trading is materially different from ordinary market lookup and order placement because it monitors another wallet and mirrors trades automatically. That capability is not clearly justified by the advertised purpose, so users and hosting agents may grant trust to a skill whose real behavior is broader and financially riskier than disclosed.

Missing User Warnings

Medium, 88% confidence
The skill enables trading, approvals, cancellations, and redemption of assets, but the description lacks a prominent warning that these actions affect real funds and may be irreversible or time-sensitive. In a financial skill, missing risk disclosure increases the chance of unsafe or uninformed user authorization.

Missing User Warnings

High, 97% confidence
The autonomous strategies section describes rules that execute automatically on the server, but it does not present a strong, unavoidable warning that trades may continue after setup without further prompts. That creates a substantial risk of unintended ongoing losses, especially with recurring buys and copy-trade strategies.

VirusTotal

64/64 vendors flagged this skill as clean.
