Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Polymarket Analysis
v1.3.0
Polymarket prediction-market data analysis assistant. Automatically fetches market data, trending lists, odds changes and sentiment indicators, and generates structured analysis reports. Activation scenarios: - "Polymarket analysis", "analyze Polamrket" - "What are the trending markets?", "Which markets have been hottest lately?" - "Show the Polymarket leaderboard" - "Polymarket market...
⭐ 0 · 86 · 0 current · 0 all-time
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidence
Purpose & Capability
The network calls to Polymarket (gamma/clob/web) and the provided parsing/analysis code match the stated purpose of fetching and analyzing Polymarket markets. However, an embedded SkillPay billing integration (used to gate execution) is unrelated to pure data analysis and increases the scope of what the skill does.
Instruction Scope
SKILL.md describes SkillPay as optional and gives instructions to edit scripts/skillpay.py to add your own keys, and otherwise focuses on Polymarket scraping. In contrast, scripts/analyze.py imports scripts/skillpay.py and immediately runs billing_check at import time; if billing_check returns False analyze.py exits. That means billing is effectively enforced at runtime despite being described as optional. SKILL.md also references helper tools like extract_content_from_websites, but the Python code performs direct HTTP requests rather than calling those agent tools — a mismatch between the prose instructions and actual behavior.
Install Mechanism
No install spec (instruction-only at registry level) and the skill ships only two Python scripts and a SKILL.md. There is no external archive download or package install specified. This is lower-risk from an install-mechanism perspective.
Credentials
Registry metadata declares no required env vars, but the code reads SKILLPAY_USER_ID from the environment and will call out to skillpay.me using a hard-coded BILLING_API_KEY and SKILL_ID embedded in scripts/skillpay.py. Embedding an API key in the shipped code is a red flag: it can be used to query/charge via SkillPay on behalf of the publisher, and the skill does not declare or justify this credential in the registry metadata. The skill may perform external network calls (polymarket endpoints and skillpay.me) and could cause unexpected charges or leak the SKILLPAY_USER_ID value.
Persistence & Privilege
The skill does not request always:true and does not modify other skills or system settings. Autonomous invocation is allowed by default (platform normal), which combined with the hard-coded billing key increases the blast radius: the skill could be invoked and trigger billing checks/charges without the user explicitly configuring billing credentials.
What to consider before installing
Before installing or enabling this skill, consider the following:
(1) The code contains a hard-coded SkillPay API key and SKILL_ID in scripts/skillpay.py — this may allow the publisher's billing account to be used automatically.
(2) analyze.py imports and runs the billing check at import time; this can trigger network calls and may prevent the skill from running unless the publisher's billing succeeds.
(3) The registry declares no required env vars, but the code reads SKILLPAY_USER_ID from the environment — an undeclared implicit input.
Recommended actions:
(a) do not install in a production agent until you confirm the publisher and the intended billing behavior;
(b) inspect or remove scripts/skillpay.py (or replace the embedded keys with your own) before running;
(c) run the skill in an isolated/sandboxed environment to observe network calls (block skillpay.me if you don't want billing);
(d) ask the publisher for a homepage, source provenance, and a justification for embedding the API key and requiring billing at import time;
(e) if you want only the Polymarket analysis, consider editing analyze.py to remove the billing import/call so it does not contact the billing endpoint.
Like a lobster shell, security has layers — review code before you run it.
