Trust Assessment
polymarket-trader received a trust score of 82/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 2 findings: 0 critical, 1 high, 1 medium, and 0 low severity. The key findings are Potential Prompt Injection via Search Query and Unpinned Python Dependencies.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, and LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (2)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | **Potential Prompt Injection via Search Query**: The `search_markets` function takes user-provided input (`query`) directly from the command line arguments and passes it to `agent.search_polymarket(query)`. Given that the skill uses a `TradingAgent` and explicitly mentions 'LLM processing' (via `GOOGLE_API_KEY`) and `agent.chat()` calls in other functions, it is highly probable that `agent.search_polymarket` involves an LLM call or an LLM-driven tool invocation. An attacker could craft a malicious `query` to manipulate the underlying LLM's behavior, leading to prompt injection. Implement robust input sanitization or use a structured tool invocation mechanism that separates user intent from parameters. If `agent.search_polymarket` is an LLM call, ensure the `query` is properly escaped or wrapped to prevent it from being interpreted as instructions by the LLM. Consider using a dedicated tool call interface that passes parameters as structured data rather than embedding them directly into a natural language prompt. | LLM | scripts/polymarket.py:77 |
| MEDIUM | **Unpinned Python Dependencies**: The skill's Python script (`polymarket.py`) imports external libraries such as `dotenv` but does not specify exact version pins for its dependencies (e.g., via a `requirements.txt` file). This can lead to supply chain risks where future updates to these libraries might introduce breaking changes, vulnerabilities, or unexpected behavior. Without pinned versions, the skill's behavior is not fully deterministic across different deployment environments. Create a `requirements.txt` file that explicitly lists all Python dependencies with pinned versions (e.g., `dotenv==0.19.0`). This ensures that the same versions of libraries are installed consistently, mitigating risks from upstream changes or vulnerabilities. | LLM | scripts/polymarket.py:15 |