Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Polymarket Portfolio Tracker

v1.0.0

Monitors Polymarket positions every 30 minutes, tracks P&L, sends Telegram alerts on wins, big moves, triggers auto-reinvestment, and enforces daily loss cir...

0· 67·0 current·0 all-time
by Mike@themsquared
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The stated purpose (monitor positions, alert, auto-reinvest, circuit breaker) matches the code: it queries Polymarket APIs, computes P&L, and can trigger reinvest scripts. However the skill integrates with external reinvest/exit/weather scripts (auto_reinvest.py, exit_manager.py, weather_scanner.py) that are not included; auto-reinvest implies the skill can deploy funds which is a higher-privilege capability than a simple monitor. Also a hardcoded WALLET address is present in monitor.py (points to a specific address) rather than defaulting to empty; that's unexpected and suggests the code was copied from a user's personal setup.
Instruction Scope
SKILL.md and monitor.py instruct reading a local .env, environment variables (PRIVATE_KEY, WALLET_ADDRESS, TELEGRAM_BOT_TOKEN, TELEGRAM_CHAT_ID), writing .monitor_state.json and .daily_pnl.json, calling Polymarket endpoints, and running other local scripts. The registry metadata declares no required env vars, but the runtime instructions and code clearly rely on sensitive env vars and external scripts not provided. Running the auto-reinvest/exit scripts can change funds; the instructions give the agent discretion to run those scripts, which is scope creep beyond passive monitoring.
Install Mechanism
There is no install spec (instruction-only + included monitor.py), which reduces installer risk. SKILL.md asks to pip install requests and a Polymarket client. There is a small mismatch: the code imports 'py_clob_client' but SKILL.md suggests 'pip install polymarket-clob-client' — this could be just naming confusion but should be verified before installing third‑party packages.
Credentials
The skill requires sensitive environment inputs at runtime (PRIVATE_KEY for on‑chain API creds, TELEGRAM_BOT_TOKEN/TELEGRAM_CHAT_ID for notifications, and WALLET_ADDRESS). None of these are declared in the registry metadata. Requiring PRIVATE_KEY is proportionate for active reinvestment, but it is high privilege and should be explicitly declared and justified; the registry failing to list required credentials is an incoherence and a red flag.
Persistence & Privilege
always is false (normal). The skill writes local state files (.monitor_state.json, .daily_pnl.json) and may create API creds via the clob client. Autonomous invocation is allowed (default) — combined with PRIVATE_KEY and auto‑reinvest behavior this increases blast radius. The skill does not request system-wide or other skills' configs, which is good, but the combination of autonomous runs + secret access + external reinvest scripts is notable.
What to consider before installing
This skill contains working monitor code but several inconsistencies and risky behaviors you should consider before installing:
- Sensitive credentials: The code uses PRIVATE_KEY (Polygon private key) and Telegram tokens at runtime. Do not provide your main private key unless you fully trust and audit the code. Prefer a watch-only wallet or an address without spending power for initial testing.
- Registry metadata mismatch: The registry lists no required env vars, but SKILL.md and monitor.py expect PRIVATE_KEY, WALLET_ADDRESS, TELEGRAM_BOT_TOKEN, and TELEGRAM_CHAT_ID. Treat that as a red flag and ask the publisher to correct metadata before use.
- Hardcoded wallet: monitor.py contains a hardcoded WALLET address (0xF0D1...). If you forget to set WALLET_ADDRESS, the skill will query that address by default, likely a third party's. Change it or set WALLET_ADDRESS explicitly.
- Auto-reinvest and external scripts: The monitor will call auto_reinvest.py, weather_scanner.py, and exit_manager.py (not included). Those scripts could perform trades or withdraw/deploy funds. Do not run this skill with private keys on a machine you care about until you have reviewed or disabled the reinvest/exit calls. Run in read-only/dry-run mode first.
- Third-party packages: Verify the Polymarket client package name and inspect that package (py_clob_client/polymarket-clob-client) before installing; ensure it is the official package. Changing package names or mismatches can lead to installing the wrong code.
- Safe steps before use: (1) Audit the missing scripts or remove/disable run_script calls; (2) run the monitor with no PRIVATE_KEY to confirm read-only behavior; (3) run locally with a watch-only address and test Telegram alerts; (4) require the publisher to provide provenance (homepage/source) or include all auxiliary scripts.
Given the missing metadata and the ability to redeploy funds, treat this skill as potentially dangerous until you can verify the auxiliary scripts and the Polymarket client code.


Tags: latest, monitoring, polymarket, portfolio, trading
