Skill v1.0.1

ClawScan security

Openclaw Bot Prob Trade · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign (Feb 18, 2026, 7:39 PM)
Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary:
The skill's requirements, files, and runtime instructions are consistent with an autonomous prob.trade/Polymarket trading bot; nothing in the bundle appears to be unrelated or intentionally deceptive.
Guidance
This repo appears to be a legitimate autonomous trading bot that relies on the separate probtrade skill for API access. Before installing or running it:
1) Keep dry_run enabled and test with python3 scripts/bot.py scan and status to verify behavior.
2) Review and trust the probtrade skill implementation you install: the bot imports its api_client directly, so a malicious or trojaned probtrade skill would be executed.
3) Provide API keys only to the probtrade skill (not to unknown third parties) and secure them (use Docker or a separate service account, limit permissions, chmod 600 on .env).
4) If deploying to a server, prefer container/sandbox isolation (Docker, dedicated user) and monitor network traffic and logs.
5) Expect financial risk: the bot can place real orders when dry_run is disabled.
6) If you plan to use strategies that need LLM / NOAA / social API keys, add those credentials sparingly and review the specific strategy code.
If you want additional assurance, request a review of the probtrade skill's api_client and the omitted code files for any unexpected network endpoints or secrets exfiltration.

Review Dimensions

Purpose & Capability: ok
Name and description (autonomous trading via prob.trade) match the code, docs, and declared requirements. The skill asks only for python3 and delegates API access to the probtrade skill, which is coherent for this purpose.

Instruction Scope: note
SKILL.md and README instruct the agent to run Python scripts, edit config.yaml, and install/configure the probtrade skill for API credentials. The engine inserts a path to a probtrade skill and imports api_client.fetch/trading_request — this is expected, but it means the bot will execute whatever the probtrade skill's api_client provides. The SKILL.md exposes optional env overrides (PROBTRADE_SKILL_PATH, DRY_RUN, LLM keys) — those are reasonable, but the default path insertion (../../openclaw-skill/lib) is worth noting as a supply-chain vector: if that path contains malicious code, it will be imported.

Install Mechanism: ok
The only install step is a brew formula for python@3 to provide python3. Installing Python via a package manager is proportionate to a Python-based bot. (Note: brew on Linux requires Linuxbrew; the install instruction targets macOS/Linux, which is reasonable but may need adjustment on some distros.)

Credentials: note
The skill itself does not declare required credentials; it correctly delegates API keys to the probtrade skill. Several strategies optionally require external API keys (LLM provider keys, NOAA token, social API keys) — these are documented and optional per strategy. This is proportionate, but users must supply sensitive keys (prob.trade API key/secret, any LLM keys) for live trading; the skill will act using whatever keys are present via the probtrade skill or env vars.

Persistence & Privilege: ok
always:false and normal model invocation settings. The skill does not request permanent platform-wide privileges or modify other skills' configs. Its install writes only the Python binary via brew (standard) and the repository contents; no elevated or stealthy persistence is requested by this skill.