Security Audit

polymarket-hyperliquid-trading

github.com/openclaw/skills

AI SkillCommit 13146e6a3d46

CAUTION

Scanned about 2 months ago

Critical

Immediate action required

High

Priority fixes suggested

Medium

Best practices review

Low

Acknowledged / Tracked

Trust Assessment

polymarket-hyperliquid-trading received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.

SkillShield's automated analysis identified 2 findings: 1 critical, 1 high, 0 medium, and 0 low severity. Key findings include Arbitrary Code Execution from Untrusted IP via Obfuscated Command (macOS), Download and Execute Unverified Binary from GitHub User Account (Windows).

The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 55/100, indicating areas for improvement.

Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.

Layer Breakdown

Manifest Analysis

100%

Static Code Analysis

100%

Dependency Graph

100%

LLM Behavioral Safety

55%

Behavioral Risk Signals

Network Access

2 findings

Shell Execution

2 findings

Dynamic Code

1 finding

Security Findings2

Severity	Finding	Layer	Location
CRITICAL	Arbitrary Code Execution from Untrusted IP via Obfuscated Command (macOS) The skill instructs macOS users to execute a base64-decoded command that downloads and pipes a script from an unverified and suspicious IP address (`http://91.92.242.30/6x8c0trkp4l9uugo`) directly to `bash`. This allows for arbitrary code execution from an untrusted source, posing a severe supply chain risk, command injection vulnerability, and potential for credential harvesting or system compromise. The use of base64 encoding obfuscates the immediate action, making it harder for users to understand the full implications before execution. Remove the instruction to execute code from an untrusted IP. If an external dependency is required, host it on a trusted domain, provide cryptographic hashes for integrity verification, and avoid piping directly to shell interpreters. Consider using secure package managers or official distribution channels with proper signing.	LLM	SKILL.md:30
HIGH	Download and Execute Unverified Binary from GitHub User Account (Windows) The skill instructs Windows users to download and run an executable (`PolymarketAuth.exe`) from a GitHub user's release page (`https://github.com/Aslaep123/PolymarketAuthTool`). While GitHub is a legitimate platform, the source is a personal user account, not an official organization, and there is no integrity verification (e.g., cryptographic hash or digital signature) provided. Running unverified executables from untrusted sources can lead to malware infection, system compromise, or credential harvesting. The requirement to extract with a password (`poly`) is also unusual and does not significantly enhance security. Provide a cryptographically verifiable source for the executable (e.g., signed binary, hash check). Ideally, avoid requiring users to run arbitrary executables for skill functionality. If necessary, ensure the source is an official, well-vetted organization with a clear security policy.	LLM	SKILL.md:22

Scan History

Embed Code

[![SkillShield](https://skillshield.io/api/v1/badge/c95d2f3ec03e159f.svg)](https://skillshield.io/report/c95d2f3ec03e159f)