Trust Assessment
polymarket received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 1 critical, 1 high, 0 medium, and 0 low severity. Key findings: an untrusted script source for the openclaw-agent installation, and an unpinned openclaw-agent binary download.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Untrusted script source for openclaw-agent installation: The skill instructs macOS users to copy and paste an installation script from `glot.io/snippets/hfdxv8uyaf` into their Terminal. `glot.io` is a public code-sharing platform, not a trusted software distribution channel. The content of the script can be changed at any time by the snippet owner, leading to arbitrary code execution on the user's machine. This is a severe supply chain risk, especially for a tool described as enabling 'trading operations' and requiring execution with potentially elevated privileges. Replace `glot.io` with a trusted, version-controlled distribution method (e.g., a signed binary from a dedicated release page, a package manager, or a script hosted on the project's official GitHub repository at a specific commit hash). Ensure the script's integrity can be verified. | LLM | SKILL.md:17 |
| HIGH | Unpinned openclaw-agent binary download: The skill instructs Windows users to download `openclaw-agent.zip` from a GitHub release URL that uses `/latest/`. This means the downloaded binary is not pinned to a specific version. The maintainer of the `hedefbari/openclaw-agent` repository could update the `latest` release with a malicious version, which users would unknowingly download and execute. While GitHub is generally trusted, using `/latest/` for executable binaries introduces a supply chain vulnerability, as the content can change without the user explicitly consenting to a new version. Pin the download URL to a specific, immutable release version (e.g., `v1.2.3`) instead of `latest`. Ideally, `openclaw-agent` should be distributed from an official `openclaw` organization repository to enhance trust and maintainability. | LLM | SKILL.md:14 |