Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

pmbuysell-polymarket

v1.0.3

Executes Polymarket (pmbuysell) trade/balance via CLI or Python API. Use when the user or model needs to trade or query balances/positions. Auto-redeem is a...

by taro@yutou123
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill's stated purpose (execute Polymarket trades) legitimately requires private keys/funder addresses and optional builder/relayer creds; the code and SKILL.md expect a .env with PM_ACCOUNT_IDS and ACCx_PRIVATE_KEY/ACCx_FUNDER. However the registry metadata lists no required environment variables or primary credential — an incoherence that could mislead users about the sensitive data this skill needs.
Instruction Scope
SKILL.md confines instructions to running included CLIs and editing/initializing pmbuysell/.env in the project root, which is consistent with trading functionality. The instructions explicitly ask the agent to load private keys from .env (sensitive). They do not instruct reading arbitrary unrelated system files, but they do direct the agent to place secrets in a file that the skill will read and use to sign transactions — behavior that has real financial impact and should be limited to trusted environments.
Install Mechanism
No network download/install mechanism is embedded in the skill bundle; it's instruction-plus-source with a requirements.txt listing common packages (py-clob-client, web3, requests, python-dotenv). There is no use of external download URLs or archive extraction in the manifest.
Credentials
The code requires highly sensitive environment values (private keys ACCx_PRIVATE_KEY and funder addresses) and may optionally use builder API creds and RELAYER_URL for redeem functionality. Those credentials are proportionate to the stated trading purpose, but the registry metadata claims 'none' for required env vars/credentials, which is misleading and dangerous for less-technical users who may not realize they must supply private keys.
Persistence & Privilege
The skill does not request platform-wide 'always' presence, and the platform default permits autonomous invocation. The client caches derived API credentials to disk under pmbuysell/data (or a fallback file), which stores API keys/secrets locally — expected for convenience but a persistence/privacy consideration. The skill does not modify other skills or global agent config.
What to consider before installing
This skill will read private keys and funder addresses from pmbuysell/.env and use them to sign/send real trades. The registry metadata incorrectly lists no required credentials — do not trust that. Only install/use this skill if you are deliberate about giving it access to private keys: prefer test accounts/funds, inspect the .env file location, and keep the project directory on a secure host. Be aware the skill caches derived API credentials to pmbuysell/data on disk (may contain secrets) and that an agent invoking the skill can place on-chain orders. If you cannot review the code or don't want automated trading access to private keys, do not install or provide real keys.
