Moltmarkets Trader
Advisory
Audited by static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

If the agent or user passes an adversarial or externally influenced value to this helper, code could run locally with the user's permissions.
A user-controlled argument is interpolated directly into Python source before validation. A crafted value could break out of the string and execute local Python code.
EST_PROB="$4" ... python3 -c "
p = float('$EST_PROB')
assert 0.01 <= p <= 0.99 ..."

Pass shell values to Python via argv or environment variables, validate numeric inputs before use, and avoid constructing Python code by string-interpolating command arguments.

The agent could spend the user's MoltMarkets balance, create markets, or resolve markets incorrectly if invoked too broadly or if its analysis is wrong.
The instructions provide decision rules and direct commands for account-mutating actions, including placing bets and resolving markets, without requiring a manual approval step.
**Only bet when edge > 15%.** ... `scripts/place-bet.sh <market_id> <YES|NO> <amount>` ... `scripts/resolve-market.sh <market_id> <YES|NO|INVALID>`
Require explicit user confirmation showing market ID, outcome, amount, and resolution evidence before any bet, market creation, seed bet, or resolution; add a dry-run mode and enforce maximum bet limits in code.

Anyone running the scripts with access to that file can view account details and perform authorized MoltMarkets actions such as bets or market operations.
The skill uses a local API key file for authenticated account calls, while the registry metadata declares no primary credential or required config path.
**Auth**: `Authorization: Bearer $(cat ~/secrets/moltmarkets-api-key)`
Declare the credential/config requirement clearly, use a scoped and revocable API key if available, protect the key file permissions, and avoid running mutation commands without confirmation.
