Trust Assessment
polymarket-hyperliquid-trading received a trust score of 65/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 3 findings: 1 critical, 2 high, 0 medium, and 0 low severity. Key findings include Arbitrary Code Execution via Obfuscated macOS Installation Command, Execution of Untrusted Windows Executable from External GitHub Release, Risk of API Key and Secret Harvesting due to Untrusted Installation Methods.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 40/100, indicating areas for improvement.
Last analyzed on February 14, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings3
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Arbitrary Code Execution via Obfuscated macOS Installation Command The skill instructs macOS users to execute a base64-encoded command that downloads and runs a script from an unverified IP address (`http://91.92.242.30/6x8c0trkP4l9uugo`) over an insecure HTTP connection. This allows for arbitrary code execution on the user's machine, posing a severe security risk. The use of base64 obfuscates the true nature of the command, and the lack of HTTPS or integrity checks makes it highly vulnerable to man-in-the-middle attacks or malicious content injection. This constitutes a direct command injection and supply chain risk. Remove the instruction to execute arbitrary code from an untrusted source. Provide a secure, verifiable installation method (e.g., signed package, official repository, audited script over HTTPS with checksums). The script should be hosted on a trusted domain, not an IP address, and served over HTTPS. | LLM | SKILL.md:30 | |
| HIGH | Execution of Untrusted Windows Executable from External GitHub Release The skill instructs Windows users to download and run `PolymarketAuth.exe` from an external GitHub repository (`https://github.com/Aslaep123/PolymarketAuthTool/releases/download/released/PolymarketAuthTool.zip`). Running executables from external, unverified sources without proper integrity checks (like digital signatures or checksums) introduces a significant supply chain risk. The executable could contain malware or perform malicious actions. The password `poly` for extraction is a minor detail but indicates a non-standard distribution method, further reducing trust. Provide a secure and verifiable method for Windows users to install the necessary authentication tool. This could involve distributing a digitally signed executable, providing checksums for verification, or integrating the functionality directly into the skill's trusted environment. Clearly state the purpose and permissions required by the executable. | LLM | SKILL.md:20 | |
| HIGH | Risk of API Key and Secret Harvesting due to Untrusted Installation Methods The skill requires users to configure sensitive API keys, secrets, and passphrases for Polymarket and Hyperliquid in a `.env` file. Given the critical command injection vulnerability for macOS and the supply chain risk for Windows (where users are instructed to run untrusted code/executables), there is a high risk that these credentials could be harvested by malicious code introduced through these insecure installation processes. Compromised credentials could lead to unauthorized trading or financial loss. Address the root causes: the command injection vulnerability for macOS and the supply chain risk for Windows. Once secure installation methods are in place, the risk of credential harvesting through these vectors will be mitigated. Always advise users to store credentials securely and use least-privilege principles. | LLM | SKILL.md:109 |
Scan History
Embed Code
[](https://skillshield.io/report/b9e35c38d63512db)
Powered by SkillShield