Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Lpxpoly
v1.0.1 · AI-powered Polymarket prediction market analysis via Bitcoin Lightning. Find mispriced markets, get AI edge on probability vs market price. ~50 sats per anal...
⭐ 0 · 445 · 3 current · 3 all-time
by @yebdmo2
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan (OpenClaw): Suspicious, medium confidence

Purpose & Capability
The skill claims to provide paid AI analyses via Bitcoin Lightning and only requests LIGHTNINGPROX_SPEND_TOKEN, which matches the payment purpose. However, the SKILL.md includes an mcpServers snippet that runs `npx lpxpoly-mcp`, while the registry metadata declares no required binaries. That is an inconsistency: running via npx requires the npx binary and fetches and executes an npm package at runtime, which is neither listed nor justified in the manifest.
Instruction Scope
The instructions are largely high-level (check_balance, get_edge_opportunities, analyze_market) and limited to the stated domain. But the provided runtime example (the mcpServers config) instructs executing an external npm package with the spend token in its environment, which implicitly grants that package permission to make network calls and spend sats. The SKILL.md does not describe what the lpxpoly-mcp package does, what endpoints it calls, or what data it sends, so the effective scope is broader than documented.
Install Mechanism
There is no install spec (instruction-only), which is lower-risk in general. But the mcpServers example relies on `npx lpxpoly-mcp`, which fetches and executes code from the npm registry at runtime whenever it is invoked. That remote-package execution is not declared, not vetted, and not included in the manifest; it increases risk because arbitrary code could run locally under the agent process.
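One way to catch exactly this class of issue mechanically is to lint the mcpServers config before adopting it: flag any server whose launcher fetches and runs a package from a registry at startup, whether the package spec is pinned, and which credential-looking environment variables it hands to that code. The block below is an added example, not code from the ClawHub page or the lpxpoly skill. The sample config is constructed in the standard mcpServers JSON shape to match the scan's description (`npx` launching `lpxpoly-mcp` with the spend token in env); the skill's actual SKILL.md snippet is not reproduced on the page, so its exact contents, including the `-y` flag, are an assumption.

```python
"""Lint an MCP ``mcpServers`` config for runtime-fetched code and exposed secrets.

Added example; the config below is a constructed sample, not the skill's own snippet.
"""
import json
import re

# Launchers that download and execute a package at startup instead of running
# something already installed and reviewed.
REMOTE_FETCH_LAUNCHERS = {"npx", "bunx", "uvx", "pipx"}
# Env var names that usually carry credentials worth scoping before handing over.
SECRET_NAME_RE = re.compile(r"TOKEN|SECRET|KEY|PASSWORD|MACAROON", re.I)
# A package spec pinned to an exact version, e.g. name@1.2.3 or @scope/name@1.2.3.
PINNED_RE = re.compile(r"^(@[\w.-]+/)?[\w.-]+@\d+\.\d+\.\d+$")

# Constructed sample in the shape the scan describes (assumption: exact args/flags).
SAMPLE_CONFIG = json.dumps({
    "mcpServers": {
        "lpxpoly": {
            "command": "npx",
            "args": ["-y", "lpxpoly-mcp"],
            "env": {"LIGHTNINGPROX_SPEND_TOKEN": "<your token>"},
        }
    }
})


def audit_mcp_config(config_text: str) -> list[str]:
    """Return human-readable findings for each server entry; empty list means clean."""
    findings = []
    cfg = json.loads(config_text)
    for name, server in cfg.get("mcpServers", {}).items():
        cmd = server.get("command", "")
        args = server.get("args", [])
        env = server.get("env", {})
        # The package spec is the first positional (non-flag) argument to the launcher.
        spec = next((a for a in args if not a.startswith("-")), None)
        remote = cmd in REMOTE_FETCH_LAUNCHERS
        if remote:
            findings.append(f"{name}: '{cmd}' fetches and executes {spec!r} from a registry at startup")
            if spec and not PINNED_RE.match(spec):
                findings.append(f"{name}: package spec {spec!r} is not pinned to an exact version; "
                                "a later publish would run different code")
            if "-y" in args or "--yes" in args:
                findings.append(f"{name}: '-y' suppresses the npx prompt before a package is installed")
        secrets = [k for k in env if SECRET_NAME_RE.search(k)]
        if secrets and remote:
            findings.append(f"{name}: credentials {secrets} are passed to code that has not been reviewed")
        elif secrets:
            findings.append(f"{name}: passes credentials {secrets}; confirm their scope and spend limits")
    return findings


if __name__ == "__main__":
    for line in audit_mcp_config(SAMPLE_CONFIG):
        print(line)
```

A config that launches an already-installed binary (for example `"command": "node", "args": ["server.js"]`) with no credential-looking env vars produces no findings; the constructed lpxpoly-style entry produces four. Pinning the spec does not make the package trustworthy by itself, it only fixes which bytes run so that they can be reviewed once.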
Credentials
The only required environment variable is LIGHTNINGPROX_SPEND_TOKEN, which is coherent with a paid-per-use service. It appears to be a spend-capable credential: providing it grants the backend (or any executed client code) the ability to charge sats. No unrelated secrets are requested. Because it is a spend token, it is high-sensitivity and should be scoped or limited where possible.
Persistence & Privilege
always:false and no declared config writes, which is appropriate. However, model invocation is enabled (the default), so an agent with permission to call skills could invoke this skill autonomously. Combined with a live spend token and the ability to execute an npm package via npx, this creates a risk of unintended charges if the agent calls the skill without user confirmation.
What to consider before installing
The skill's purpose (paid Polymarket analysis via Lightning) matches the single env var it requests, but the runtime snippet instructs running `npx lpxpoly-mcp`, which would fetch and execute remote npm code and use your LIGHTNINGPROX_SPEND_TOKEN to pay. Before installing:
1) Ask the publisher for details: where is lpxpoly-mcp published, can you review its source (link to repo or tarball), and why isn't npx listed as a required binary?
2) Prefer to supply a limited spend token (or a zero-balance token) for testing, and top it up only after you verify behavior.
3) Consider disabling autonomous invocation (or requiring explicit confirmation) so the agent cannot charge sats automatically.
4) If you must install, inspect the lpxpoly-mcp package contents or request a signed release from the project.
These steps reduce the risk of arbitrary code execution and unintended Lightning spend.
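Step 4 can be done without ever executing the package: `npm pack <name>` downloads the tarball and nothing else, and the tarball can then be listed and searched for lifecycle scripts (which run at install time), shell execution, network calls and reads of the spend token. The block below is an added example, not code from the ClawHub page or the lpxpoly project. The tarball it audits is a constructed stand-in built in memory so the audit runs offline; it is not the real lpxpoly-mcp package, and the file names and contents inside it are invented for illustration.

```python
"""Inspect an npm package tarball for risky code before letting npx run it.

Added example. Obtain a real tarball with ``npm pack lpxpoly-mcp`` (download only,
no install, no execution); the tarball built here is a constructed sample.
"""
import io
import json
import re
import tarfile

# npm lifecycle hooks that execute code during `npm install` / `npx`.
INSTALL_HOOKS = ("preinstall", "install", "postinstall", "prepare")
# What a reviewer greps for: credential reads, network egress, shell-outs, dynamic code.
RISK_PATTERNS = {
    "spend_token": re.compile(r"LIGHTNINGPROX_SPEND_TOKEN"),
    "env_read": re.compile(r"process\.env"),
    "network": re.compile(r"https?://|\bfetch\(|require\(['\"]https?['\"]\)"),
    "shell_exec": re.compile(r"child_process|\bexec(Sync)?\(|\bspawn(Sync)?\("),
    "dynamic_code": re.compile(r"\beval\(|new Function\("),
}


def make_sample_tarball() -> bytes:
    """Build a constructed package tarball in the layout `npm pack` produces (files under package/)."""
    files = {
        "package/package.json": json.dumps({
            "name": "example-mcp", "version": "0.0.1",
            "bin": {"example-mcp": "index.js"},
            "scripts": {"postinstall": "node setup.js"},
        }),
        "package/index.js": (
            "const token = process.env.LIGHTNINGPROX_SPEND_TOKEN;\n"
            "fetch('https://api.example.invalid/pay', {headers: {Authorization: token}});\n"
        ),
        "package/setup.js": "require('child_process').execSync('echo hi');\n",
    }
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, text in files.items():
            data = text.encode()
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def audit_npm_tarball(tgz: bytes) -> dict:
    """Return file list, install-time scripts and per-pattern hits without extracting to disk."""
    report = {"files": [], "install_scripts": {}, "hits": {}}
    with tarfile.open(fileobj=io.BytesIO(tgz), mode="r:gz") as tar:
        for member in tar.getmembers():
            if not member.isfile():
                continue
            report["files"].append(member.name)
            text = tar.extractfile(member).read().decode("utf-8", "replace")
            if member.name == "package/package.json":
                scripts = json.loads(text).get("scripts", {})
                report["install_scripts"] = {k: v for k, v in scripts.items() if k in INSTALL_HOOKS}
            for label, pattern in RISK_PATTERNS.items():
                if pattern.search(text):
                    report["hits"].setdefault(label, []).append(member.name)
    return report


if __name__ == "__main__":
    print(json.dumps(audit_npm_tarball(make_sample_tarball()), indent=2))
```

A hit is a place to read, not a verdict: a payment client legitimately reads the token and talks to an API. What the report tells you is where to look, whether anything runs before the server even starts (the postinstall hook here), and whether the token reaches more endpoints than the one the publisher claims.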
latest: vk97fwny7vemave2xt3t89pskvs82xyvz
Runtime requirements
📊 Clawdis
Env: LIGHTNINGPROX_SPEND_TOKEN
