Skill v1.0.1

ClawScan security

Polymarket Monitor · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 23, 2026, 12:08 PM
Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code, instructions, and requirements are consistent with a Polymarket monitoring/alerting tool: it only reads public Polymarket endpoints and sends alerts via the agent's messaging tool, and it requests no extra credentials or installs.
Guidance
This skill appears internally consistent and low-risk: it fetches public Polymarket endpoints and posts alerts via the agent's messaging tool. Before installing, consider: (1) the agent will create recurring cron jobs that make network requests and can send Slack DMs — confirm you trust the agent's Slack integration and that the message tool has only the permissions you expect; (2) test with a low-frequency schedule and a safe/test Slack channel or user ID; (3) you can run the included Python script locally first to verify behavior; (4) the package has no homepage and an unknown owner—if provenance matters to you, ask the publisher for more information. If you decide to proceed, ensure you know how to cancel the cron job (cron remove <id>) and verify the agent's delivery and alerting behavior on initial runs.

Review Dimensions

Purpose & Capability
ok: Name/description match the included script and SKILL.md. The skill only needs read-only access to public Polymarket APIs and the ability to send alerts — nothing requested or included is extraneous to that purpose.
Instruction Scope
ok: SKILL.md confines actions to searching Polymarket, fetching market pages, parsing yes/no probabilities, and sending Slack DMs when thresholds are crossed. It does instruct creating a cron job for periodic checks, but does not ask the agent to read local files, other environment variables, or transmit data to unexpected endpoints.
Install Mechanism
ok: No install spec; the only code is a small Python script included in the package. No external downloads, archives, or package installs are requested.
Credentials
ok: The skill declares no required environment variables or credentials. It relies on the agent platform's messaging tool to send Slack DMs; that is appropriate for an alerting skill, but platform-level messaging credentials are not requested by the skill itself.
Persistence & Privilege
ok: always: false (default). The skill's recommended behavior is to install a cron task for periodic checks — this is expected for a monitor/alerting skill and does not modify other skills or system-wide configs.