Skill v1.0.0

ClawScan security

polymarketz · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 13, 2026, 12:10 AM
Verdict
Benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's code, commands, and required resources line up with its stated Polymarket browsing and trading purpose — but trading requires a locally stored private key and the README/script should be reviewed for how that key is created/stored before you use it.
Guidance
This skill appears to do what it claims: public read-only market queries plus optional trading using a local Polygon private key. Before enabling trading, review the scripts/polymarket.py wallet-setup and trade code: confirm whether the private key is stored encrypted or plaintext, check file permissions on ~/.config/polymarket/wallet.json, and inspect any network calls during trading to ensure keys/signatures are handled locally and not exfiltrated. If you prefer lower risk, use the read-only commands only (they require no keys), or create a dedicated wallet with minimal funds and gas for testing instead of using your main funds. If you want higher assurance, run the script in an isolated environment and read the full source to verify no hidden endpoints or telemetry are present.

Review Dimensions

Purpose & Capability
ok: Name/description (Polymarket browsing + trading) match the included script and SKILL.md. The script calls Polymarket domains (gamma-, data-, clob-) and only requires python3. Requesting no cloud credentials or unrelated binaries is consistent with the stated purpose.
Instruction Scope
note: SKILL.md instructs the agent/user to run the provided Python CLI for read-only queries and trading. It explicitly documents wallet setup and the path (~/.config/polymarket/wallet.json). The instructions do not attempt to read unrelated system files or environment variables, but they do direct creation/usage of a local wallet file (sensitive).
Install Mechanism
ok: No install spec; this is an instruction-only skill with an included Python script. That's proportionate for a CLI utility — nothing is downloaded at install time and no third-party package installs are requested.
Credentials
concern: The skill requires no environment variables or external credentials, which is appropriate for read-only features. However, trading operations require a private key stored at ~/.config/polymarket/wallet.json per the README. Storing an unencrypted private key on disk is sensitive; the SKILL.md warns that the file contains your private key but gives no detail about encryption, permission handling, or whether the key is ever transmitted to non-Polymarket endpoints. This is a proportional need for trading, but high-risk in practice and worth reviewing before using trading features.
Persistence & Privilege
ok: The skill does not request always:true and does not declare elevated platform privileges. It writes/reads its own config under the user's home directory (wallet.json), which is normal for a CLI wallet tool but should be considered sensitive.