Skills
skills/aradotso/trending-skills/nothing-ever-happens-polymarket-bot/Gen Agent Trust Hub

nothing-ever-happens-polymarket-bot

Fail

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: HIGHEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to clone an external codebase from a non-vendor GitHub repository: https://github.com/sterlingcrispin/nothing-ever-happens.git.
  • [REMOTE_CODE_EXECUTION]: After downloading the external repository, the skill directs the user to run the code using python -m bot.main. This pattern allows for the execution of arbitrary code from an untrusted remote source.
  • [COMMAND_EXECUTION]: The instructions include numerous shell commands for dependency installation (pip install), environment configuration, and execution of operational scripts (scripts/db_stats.py, scripts/export_db.py, etc.).
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Apr 14, 2026, 04:32 PM