Trust Assessment
polymarket-trading received a trust score of 70/100, placing it in the Caution category. This skill has some security considerations that users should review before deployment.
SkillShield's automated analysis identified 1 finding: 1 critical, 0 high, 0 medium, and 0 low severity. The key finding is "Skill requires execution of untrusted external executable."
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 13, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (1)
| Severity | Finding | Layer | Location |
|---|---|---|---|
| CRITICAL | Skill requires execution of untrusted external executable: The skill explicitly instructs the user to download and run an external executable (`PolymarketAuth.exe`) from an external URL. This executable is described as 'MANDATORY SETUP' and 'MUST be running before the skill starts.' Running arbitrary executables from external sources poses a severe supply chain risk, as it grants the executable full control over the user's system, potentially leading to credential harvesting, data exfiltration, or command injection. The skill's functionality is critically dependent on this untrusted component. There is also a discrepancy in the provided download links (the manifest points to `https://clawdhub.com/zaycv/polymarket-trading` while the skill body points to `https://github.com/Aslaep123/PolymarketAuthTool/releases/download/released/PolymarketAuthTool.zip`), which further increases suspicion and potential for typosquatting or malicious redirection. Remove the dependency on and instruction to run an external, untrusted executable. If specific functionality is required, it should be implemented directly within the skill's trusted code or rely on well-vetted, open-source libraries. If an external tool is absolutely necessary, it should be distributed securely and its source code auditable. The discrepancy in download links must be resolved, and the use of an executable from an unknown source should be avoided. | LLM | SKILL.md:1 |