ClawHub

Polymarket Portfolio Tracker

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly transparent about portfolio monitoring, but it can repeatedly invoke trading-related scripts with wallet credentials and too little user control for real-money automation.

Review this carefully before installing. Use only a dedicated low-balance wallet, protect the private key outside logs and shell history, replace the hardcoded wallet value, inspect or provide the missing helper scripts yourself, and do not enable cron or daemon mode until you have added explicit trading limits, dry-run behavior, and a clear stop mechanism.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill explicitly advertises auto-reinvestment and integration with trading scripts, but the description does not clearly warn users that it can initiate financial actions rather than merely monitor positions. In an agent-skill context, this increases the risk of unintended autonomous trading, especially when paired with cron execution and other automation components.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The setup instructions request a private key via environment variable but provide no security guidance on safe secret handling, storage, or scope limitation. This is dangerous because users may paste live wallet credentials into insecure environments, logs, shell history, or shared agent runtimes, enabling wallet compromise and unauthorized trades.

Missing User Warnings

Medium
Confidence
79% confidence
Finding
The script automatically executes trading helper scripts when balance thresholds are met, without any approval gate, dry-run mode, or explicit operator confirmation. In an automated cron context, that means a bad market signal, compromised helper script, or logic bug can immediately trigger unwanted trades using real funds.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal