Trust Assessment
polymarket received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 1 critical, 0 high, 1 medium, and 0 low severity. Key findings include Untrusted Source for Executable Installation Script, Unpinned Dependency for Executable Binary.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 63/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | **Untrusted Source for Executable Installation Script.** The macOS installation instructions for 'openclaw-agent' direct users to copy an installation script from 'glot.io'. Glot.io is a public code-sharing platform and is not a trusted or secure distribution channel for executable code. The content of the script can be changed at any time by the snippet owner, or if the account is compromised, leading to arbitrary code execution on the user's machine without warning. This poses a severe supply chain risk. Distribute the macOS installation script from a trusted, version-controlled source (e.g., a specific release on GitHub, signed package) and provide a checksum for verification. Avoid using public pastebin-like services for distributing executable code. | LLM | SKILL.md:22 |
| MEDIUM | **Unpinned Dependency for Executable Binary.** The Windows download link for 'openclaw-agent' uses '/latest/' in the URL, meaning it is not pinned to a specific version. This allows the maintainer to change the content of the 'latest' release without the user being aware, introducing a potential for malicious updates or unexpected behavior. While GitHub releases offer some integrity, relying on 'latest' for an executable is a supply chain risk. Pin the dependency to a specific version hash or tag (e.g., `v1.2.3/openclaw-agent.zip`) to ensure reproducibility and prevent silent malicious updates. Provide a checksum for the downloaded file. | LLM | SKILL.md:19 |
Powered by SkillShield