Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Polymarket Cryptos Hunter

v2.0.0

HFT Market Making bot for Polymarket. Live execution via Web3 and CLOB API.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.

Security Scan

VirusTotal: Suspicious

OpenClaw: Suspicious (medium confidence)
Purpose & Capability
The name/description (HFT market-making on Polymarket) matches the code: it uses a CLOB REST/WS client and web3 to read balances and place orders. However the registry/metadata claims no required environment variables, while the code clearly expects a WALLET_PRIVATE_KEY and optionally Polymarket API credentials — an inconsistency between declared requirements and actual needs.
Instruction Scope
SKILL.md instructs the agent to start the bot in the background using nohup & and says the agent's only role is to start it. It does not mention supplying a .env, the need to provide a private key, how keys are stored, or safety checks (dry-run/testnet). The runtime instructions therefore omit critical operational details and give broad permission to start a long-running process without confirmation or safeguards.
Install Mechanism
There is no install spec (instruction-only install), which reduces install-time risk. A requirements.txt is included but the SKILL.md doesn't specify installing dependencies or setting up the virtualenv; that mismatch may lead users to run the script in an unprepared environment. No external download URLs or installers are present in the bundle.
Credentials
The code requires WALLET_PRIVATE_KEY (and references POLYMARKET_API_KEY/SECRET/PASSPHRASE) which are highly sensitive. Those credentials are necessary for live trading, so their presence can be legitimate — but the skill metadata and SKILL.md do not declare or explain them, nor do they warn about the security implications. That lack of transparency is a security concern.
Persistence & Privilege
The agent is instructed to launch an indefinite background process (nohup ... &). The bot also writes logs and an sqlite audit DB to the working directory. Persistent processes that hold secret keys are a higher-risk posture: if the process is compromised it could leak or misuse funds. The skill does not request 'always:true' but it does request persistence via the instructions.
What to consider before installing
This skill runs a live trading bot and requires your wallet private key and possibly Polymarket API credentials, but the package metadata and instructions do not disclose that — proceed cautiously. Before installing or running: (1) do not use your mainnet/private production wallet; use a burner wallet with minimal funds and test on a testnet if possible; (2) read the entire main.py to completion (search for any hard-coded endpoints, telemetry, or unexpected network calls); (3) ensure you understand where RPC provider and credentials are sourced (the code expects an env WALLET_PRIVATE_KEY); (4) run inside an isolated environment (container or VM) and with limited filesystem permissions; (5) install dependencies in a venv and run initially with a dry-run or simulation mode (if available) — do not start the bot in background on a machine with valuable keys until you’re comfortable; (6) consider having an independent code audit if you will use real funds. The inconsistencies (no declared env vars vs code requiring secrets, lack of setup instructions, and the advice to spawn a persistent background process) are why this is flagged as suspicious rather than benign.

Like a lobster shell, security has layers — review code before you run it.
