Security audit

Probability Mean Reversion

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Polymarket analysis guide with no executable code, credentials, persistence, or trading automation.

Install only if you want agent help researching a Polymarket mean-reversion strategy. Treat the output as trading research, not financial advice; require explicit confirmation before any live trade, verify liquidity and recent news yourself, and avoid applying it to generic market prompts or low-liquidity markets.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The trigger list is broad enough to activate on common trading-language prompts such as 'fade', 'range trading', or 'panic buy', which can cause the agent to select this skill in contexts where the user did not explicitly request this specific strategy. In a financial-trading skill, incorrect auto-selection is materially risky because it can steer analysis or recommendations toward speculative mean-reversion behavior without sufficient validation of suitability, market regime, or user intent.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal