Molt Pmxt
WarnAudited by ClawScan on May 10, 2026.
Overview
This skill is mostly coherent for prediction-market access, but it can use private trading keys to place real-money orders with limited enforceable safeguards.
Install only if you intentionally want the agent to access prediction markets and potentially trade. Do not provide main wallet or high-balance account keys; use limited dedicated credentials, require manual approval for every order, and treat 'arbitrage' suggestions as risky financial information rather than guaranteed profit.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
An accidental, prompt-induced, or insufficiently reviewed tool call could place a real-money prediction-market trade.
The order tool directly submits caller-provided market, outcome, amount, and side to the exchange client. The code does not enforce a separate confirmation token, spending limit, dry-run mode, or other guardrail.
const result = await client.createOrder({
market_id,
outcome,
amount,
side
});Use this only with explicit per-order approval in the host agent, dedicated low-balance accounts, and preferably add code-level checks for confirmation, maximum amount, and allowed exchanges.
If these credentials are available to the agent runtime, the skill can act with the user's trading authority on supported markets.
The skill requires high-value trading credentials and private signing keys for full functionality. This is under-declared by the registry metadata, which lists no required env vars and no primary credential.
`POLYMARKET_PRIVATE_KEY`: Your wallet's private key. `KALSHI_API_KEY`: Your Kalshi API key. `KALSHI_PRIVATE_KEY`: Your RSA private key. `LIMITLESS_PRIVATE_KEY`: Private key for EIP-712 order signing.
Provide only restricted, dedicated credentials where possible; keep balances low; rotate keys if exposed; and ensure the registry metadata accurately declares required credentials.
The agent's market/search/order surface could expand beyond Polymarket, Kalshi, and Limitless if the dependency exposes additional adapters.
The code dynamically registers any exchange class exported by pmxtjs, not only the three exchanges named in the skill description and frontmatter network permissions.
// Dynamic discovery for any other exchanges
for (const key of exportList) {
...
const instance = new ExportedItem();
exchanges.set(normalizedKey, instance);Restrict the exchange map to an explicit allowlist and require user approval before enabling any additional exchange.
Users may over-trust the agent's financial recommendation and place trades that are not actually risk-free.
The instruction tells the agent to present arbitrage as 'risk-free yield' in a real-money trading context, without acknowledging fees, liquidity, execution, settlement, or account risks.
"🚨 **Arbitrage Opportunity:** I detected a price discrepancy. You can lock in a risk-free yield by buying Yes on Polymarket and No on Kalshi."
Describe arbitrage as a possible discrepancy, include risks and costs, and avoid language implying guaranteed or risk-free returns.