
Security audit

Polymarket 5m Trading

Security checks across malware telemetry and agentic risk

Overview

This skill is a clearly disclosed automated Polymarket trading tool, but live mode can place real trades and should be used cautiously.

Install only if you intentionally want an automated trading script. Test dry-run first, use a dedicated low-balance wallet, keep BUY_USD and MAX_BUYS small, and do not provide WALLET_PRIVATE_KEY unless you accept that --live can place real Polymarket orders without another confirmation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 87%
Finding
The skill documents use of environment variables, including a live-trading private key, but does not declare corresponding permissions. This creates a transparency and governance gap: operators may not realize the skill can access sensitive secrets, and automated review or policy enforcement may fail to flag secret-dependent behavior before execution.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill explicitly supports live trading with a wallet private key and repeated real-money order placement, but it does not warn about financial loss, automated execution risk, market volatility, or irreversible transaction consequences. In this context, the omission is more dangerous because the strategy is designed to loop through up to 10 live buy/sell cycles, increasing the chance of cumulative losses or operator misuse.

Missing User Warnings

Medium
Confidence: 95%
Finding
When run with --live, the skill places real buy and sell orders immediately in a loop without any interactive confirmation, summary of expected risk, or second-factor acknowledgement. In a trading skill that directly controls a funded wallet, this raises the chance of accidental financial loss from operator error, misconfiguration, or unsafe automation.

VirusTotal

65/65 vendors flagged this skill as clean.
