Back to skill
Skillv1.0.0
VirusTotal security
polymarketz · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
ReviewApr 30, 2026, 6:03 AM
- Hash
- a66038d89a19ad0b6e7d944fe8f34b605caa54c8651120ca82a049baf13dc550
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: polymarketz Version: 1.0.0 The skill provides a CLI for Polymarket market analysis and trading, but it is classified as suspicious due to high-risk credential handling. The script `scripts/polymarket.py` includes a `wallet-setup` command that prompts users for a Polygon private key and stores it locally in `~/.config/polymarket/wallet.json`. While these capabilities (filesystem and network access) are plausibly needed for the stated purpose of a trading tool, and no evidence of exfiltration or malicious intent was found, the collection of sensitive private keys—especially within a script where the trading logic is currently implemented as non-functional placeholders—constitutes a significant security risk.
- External report
- View on VirusTotal