v1.0.0

Polymarket Politics Random Buyer

SuspiciousClawScan verdict for this skill. Analyzed Apr 30, 2026, 11:31 AM.

Analysis

This appears to be a real Polymarket/AION trading skill, but it requires sensitive wallet credentials and includes recurring automation and unpinned dependencies that are not consistently reflected in the registry metadata.

Guidance: Treat this as a high-risk crypto trading template, not a casual utility. Before installing, verify the dependencies, disable scheduled automation unless you need it, run dry-run first, and only use a dedicated low-balance wallet and dedicated AION API key.

Findings (6)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Note
SKILL.md
Execution mode: dry-run unless `--live` is passed ... Buy the configured side for the configured amount.

The skill can place live financial trades when explicitly run with --live; this is purpose-aligned, but users should be aware of the trading authority it grants.

User impact: If run in live mode, the skill can spend wallet funds on a randomly selected politics market.
Recommendation: Use dry-run first, keep trade size small, and only run --live with a dedicated wallet and clear spending limits.
Agentic Supply Chain Vulnerabilities
Severity: Medium | Confidence: High | Status: Concern
clawhub.json
"requires": { "pip": ["aion-sdk", "python-dotenv", "eth-account"], "env": ["AION_API_KEY", "WALLET_PRIVATE_KEY"] }

The skill depends on external, unpinned packages, including wallet/trading-related libraries, despite the registry install summary saying there is no install spec.

User impact: Dependency changes or package compromise could affect a skill that handles wallet credentials and trading actions.
Recommendation: Pin dependency versions, verify package provenance, and install only in an isolated environment with a dedicated wallet.
Cascading Failures
Severity: Low | Confidence: Medium | Status: Note
clawhub.json
"cron": "*/30 * * * *", "automaton": { "managed": true, "entrypoint": "politics_random_buyer.py" }

Recurring execution can repeat the same configuration or selection logic every 30 minutes, which can amplify mistakes even though the script is documented as dry-run by default.

User impact: A bad configuration could be exercised repeatedly on the schedule, causing recurring API activity and repeated decisions.
Recommendation: Disable the cron automation unless wanted, monitor scheduled runs, and add explicit spend/position limits before any live automation.
Rogue Agents
Severity: Medium | Confidence: High | Status: Concern
clawhub.json
"cron": "*/30 * * * *", "automaton": { "managed": true, "entrypoint": "politics_random_buyer.py" }

The skill declares managed recurring automation for the trading script, which can continue operating outside a one-time user invocation.

User impact: The skill may keep running on a schedule after installation, using the configured credentials and making repeated dry-run trading decisions by default.
Recommendation: Only enable the managed automaton if you explicitly want scheduled operation, and disable it when not actively testing or trading.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
clawhub.json
"env": ["AION_API_KEY", "WALLET_PRIVATE_KEY"] ... "Polygon wallet private key used to derive the wallet address for context-aware trading."

The skill requires a raw wallet private key and API key, while the registry metadata reports no required env vars or primary credential; this is a significant permission-boundary mismatch.

User impact: A wallet private key can control funds in that wallet, so misuse or exposure could lead to financial loss.
Recommendation: Do not use a main wallet. Use a new low-balance wallet, verify the credential declarations before install, and rotate credentials if they were exposed.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: High | Status: Note
politics_random_buyer.py
return AionClient(api_key=api_key, venue=VENUE) ... client.get_market_context(candidate["market_id"], venue=VENUE, user=wallet_address)

The skill communicates with the AION SDK/API and sends the derived wallet address for market context; this is purpose-aligned but privacy-relevant.

User impact: The external trading/context provider can associate the API key, wallet address, and market checks.
Recommendation: Use a dedicated wallet and API key, and review AION's data handling before running the skill.