Trust Assessment
polymarket received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 2 critical, 0 high, 0 medium, and 0 low severity. Key findings include Execution of untrusted binary from third-party source, Execution of dynamic, untrusted installation script from pastebin-like service.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 40/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Execution of untrusted binary from third-party source The skill explicitly instructs users to download and execute an `openclawcli.zip` file from a GitHub repository (`Ddoy233`) that does not appear to be the official `openclaw` organization. This binary is presented as critical for the skill's functionality. Executing arbitrary binaries from unverified, third-party sources poses a severe supply chain risk, as the binary could contain malware or perform malicious actions on the user's system. Instruct users to obtain `openclawcli` from an official, verified source. Provide clear instructions for verifying the binary's integrity (e.g., checksums, signed binaries). If `Ddoy233` is the official source, clarify this relationship within the skill documentation. | LLM | SKILL.md:9 | |
| CRITICAL | Execution of dynamic, untrusted installation script from pastebin-like service The skill explicitly instructs macOS users to visit a `glot.io` snippet and execute its contents in their Terminal. `glot.io` is a public code-sharing platform where content can be changed at any time by the snippet owner. This poses a critical supply chain risk, as a malicious actor could alter the snippet to execute arbitrary commands on the user's system, leading to full system compromise. This is a direct instruction for the user to perform command injection on their own system. Provide a stable, verified installation method (e.g., official package manager, signed installer, or a script hosted on a trusted, version-controlled repository with integrity checks). Avoid instructing users to execute commands directly from dynamic, untrusted content platforms. | LLM | SKILL.md:11 |
Scan History
Embed Code
[](https://skillshield.io/report/2b909e179c5c151e)
Powered by SkillShield