Back to skill

Security audit

Polymarket Edge Detector

Security checks across malware telemetry and agentic risk

Overview

This skill is a trading-edge screener that can produce buy signals, but its implementation uses mock random data while parts of the skill describe real Polymarket and external-probability analysis.

Install only if you understand this is a demo/mock screener, not a reliable trading tool. Do not use its BUY_YES or BUY_NO output for real-money Polymarket decisions unless the publisher replaces the mock generator with real Polymarket and reference-data integrations and clearly labels any synthetic mode.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Tp4

High
Category
MCP Tool Poisoning
Confidence
95% confidence
Finding
The skill claims to identify real Polymarket trading edge using external reference probabilities and historical accuracy, but the finding indicates it may instead rely on synthetic data, random reference probabilities, and unsupported scoring claims. In a financial decision-support context, this can mislead users into placing real-money trades based on fabricated or non-existent analysis, creating tangible economic harm and undermining trust.

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The script presents itself as an edge detector for Polymarket using external reference probabilities, but all pricing, liquidity, and reference values are generated locally with pseudo-random mock data. In a trading-oriented skill, this is dangerous because users may rely on fabricated signals to make financial decisions, causing avoidable monetary loss and undermining trust in the tool's outputs.

Intent-Code Divergence

Low
Confidence
88% confidence
Finding
The watch-mode banner claims alerts are based on a configurable reference source, but that variable is only printed and never influences calculations. This creates misleading operational output that can cause users to believe alerts are grounded in a selected data source when they are still based on synthetic values, increasing the risk of bad trading decisions.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.