Polymarket via Gina

Security checks across malware telemetry and agentic risk

Overview

This skill is transparent about connecting to Gina for Polymarket, but it delegates real-money trading and scheduled automation authority with limited documented guardrails.

Install only if you are comfortable giving Gina MCP delegated access to a real-money Polymarket account. Start with read-only prompts, keep the token out of chats and logs, confirm every trade where possible, set strict budgets before enabling automations, regularly review active jobs and open orders, and know how to revoke the token from Gina's Agent Setup page.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The skill encourages very broad natural-language use such as 'Just type natural language prompts — no special syntax needed' and includes high-risk actions like placing trades, cancelling orders, redeeming winnings, and creating automations. In an MCP/agent setting, overly generic invocation guidance can cause accidental activation or ambiguous interpretation, which is more dangerous here because actions can move real funds and create scheduled trading behavior.

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal