tool-polymarket-trades
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- No Executable Code (SAFE): The skill consists of a single markdown file defining tool parameters and metadata. No scripts, binaries, or shell commands are provided for execution.
- Indirect Prompt Injection (SAFE): The skill ingests external data from the Polymarket API (trade titles and URLs). While this is a potential attack surface, the risk is negligible as the skill lacks executable capabilities that could be subverted. Evidence: 1. Ingestion points: 'trades' array from API response in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: None (no script files included). 4. Sanitization: Not specified.
- Data Exposure (SAFE): The tool requests public market data and does not access sensitive local files or require administrative privileges.
Audit Metadata