Trust Assessment
polymarket received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 2 high, 0 medium, and 0 low severity. Key findings include Untrusted and Unpinned Third-Party Binary/Script Requirement, Indirect Command Injection via Required External Binary, Excessive Permissions Granted to Untrusted External Binary.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 40/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (3)

| Severity | Finding | Description | Recommendation | Layer | Location |
|---|---|---|---|---|---|
| CRITICAL | Untrusted and Unpinned Third-Party Binary/Script Requirement | The skill explicitly instructs users to download and run an unpinned 'openclaw-agent' binary from a personal GitHub account's 'latest' release, and a macOS installation script from 'glot.io'. Both sources are highly susceptible to compromise, allowing a malicious actor to replace the executable content at any time. The binary is stated to be essential for 'trading operations', implying it handles sensitive financial transactions, making this a critical supply chain vulnerability. | Remove the requirement for external, untrusted binaries/scripts. If essential, provide a signed, version-pinned, and officially audited binary from a trusted source. For macOS, avoid instructing users to copy-paste scripts from pastebin-like services such as glot.io. Implement functionality directly within the skill or use officially supported APIs. | LLM | SKILL.md:10 |
| HIGH | Indirect Command Injection via Required External Binary | The skill requires users to install and run an external 'openclaw-agent' binary and a macOS script from untrusted sources for 'trading operations'. If this binary or script is malicious or compromised, it can execute arbitrary commands on the user's system with the user's permissions. While the skill itself doesn't contain direct command injection, it creates a high-risk vector by mandating the execution of potentially untrusted code for core functionality. | Eliminate the dependency on external, untrusted binaries/scripts. If external tools are necessary, ensure they are officially supported, version-pinned, and obtained from secure, verifiable sources. Implement functionality directly within the skill's sandboxed environment where possible. | LLM | SKILL.md:10 |
| HIGH | Excessive Permissions Granted to Untrusted External Binary | The skill instructs users to download and run an 'openclaw-agent' binary from an untrusted source. This binary, once executed, will operate with the full permissions of the user. Given its role in 'trading operations', a compromised or malicious 'openclaw-agent' could potentially access sensitive user data, financial accounts, or perform unauthorized actions on the user's system without explicit consent or sandboxing. | Avoid requiring users to run arbitrary external binaries with broad permissions. If external functionality is critical, explore sandboxed execution environments or integrate directly with official APIs that do not require local binary execution. Clearly define and limit the permissions required for any external components. | LLM | SKILL.md:10 |
Full report: https://skillshield.io/report/725afba377dbd348
Powered by SkillShield