Back to skill

Security audit

Polymarket Fast Loop

Security checks across malware telemetry and agentic risk

Overview

This is a transparent Polymarket auto-trading skill, but it can place real-money trades and asks for wallet private-key based live trading without enough credential-safety guardrails.

Install only if you intentionally want an automated Polymarket trading agent. Use dry-run first, prefer a managed wallet or a tightly funded dedicated wallet, never paste a main-wallet private key into chat or plaintext config, and avoid live cron loops until budget, position size, and stop conditions are explicitly acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
82% confidence
Finding
The invocation description is broad enough to match generic requests about crypto trading or automation, which could cause the agent to trigger this skill in situations where the user did not intend to authorize a real-money trading workflow. In this context, overbroad matching is more dangerous because the skill can lead to live financial trades and requests for sensitive credentials.

Missing User Warnings

High
Confidence
97% confidence
Finding
The skill explicitly instructs the agent to ask for and store a wallet private key in an environment variable, but it does not provide a strong warning that private keys are extremely sensitive and should generally never be shared with an agent or persisted insecurely. In a real-money trading skill, this is especially dangerous because compromise of the key can directly lead to unauthorized trades or theft of wallet funds.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The manifest explicitly advertises support for a WALLET_PRIVATE_KEY for self-custody trading but provides only a functional description, not a security warning about storing, injecting, or using highly sensitive signing material. In a trading skill that can place market actions automatically, omission of clear private-key handling and transaction-risk warnings increases the chance of unsafe deployment, credential exposure, or unintended fund movement.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.