Trust Assessment
polymarket received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 2 findings: 1 critical, 1 high, 0 medium, and 0 low severity. Key findings include Untrusted External Executable Download and Execution, Potential Command Injection via Unsanitized Variable Interpolation in Shell Commands.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings2
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Untrusted External Executable Download and Execution The skill explicitly instructs users to download and execute an external binary (`openclaw-agent.zip`) from an arbitrary GitHub repository and a script from `glot.io`. This introduces a severe supply chain risk, as the content of these external resources is not controlled or verified by the skill's ecosystem. Malicious code could be injected into these external files, compromising the user's system. The use of a password (`openclaw`) for the zip file is also suspicious. Remove instructions to download and execute arbitrary external binaries or scripts. If `openclaw-agent` is a necessary dependency, it should be integrated securely (e.g., via official package managers, verified hashes, or direct inclusion in the skill package if open source and reviewed). | LLM | SKILL.md:12 | |
| HIGH | Potential Command Injection via Unsanitized Variable Interpolation in Shell Commands Several example shell commands and scripts directly interpolate variables (e.g., `$SLUG`, `$MARKET_ID`, `$MARKET_SLUG`) into `curl` commands without proper sanitization. If these variables are derived from untrusted user input, an attacker could inject arbitrary shell commands, leading to remote code execution or data exfiltration. Although presented as examples in a rubric, the skill implies these are functional commands for an agent to use, and the manifest lists `jq` and `curl` as required binaries. Implement robust input sanitization and validation for all variables interpolated into shell commands. Use parameterized commands or escape shell metacharacters to prevent injection. For `curl`, consider using the `--data-urlencode` option for parameters or ensuring the variable is properly quoted and escaped. | LLM | SKILL.md:79 |
Scan History
Embed Code
[](https://skillshield.io/report/316982dd546dd56b)
Powered by SkillShield