polymarket-copy-trading-bot
Warn
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to clone a source code repository from an external, third-party GitHub account (Neron888/Polymarket-copy-trading-bot.git).
- [REMOTE_CODE_EXECUTION]: The instructions require downloading external code and executing it via Node.js, which poses a risk if the source repository contains malicious logic.
- [COMMAND_EXECUTION]: The initialization process relies on shell commands (npm install, npm start, npm run build) that execute logic and scripts directly from the downloaded third-party repository on the host machine.
Audit Metadata