polymarket-market-discovery
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Data Exposure] (SAFE): The skill interacts with public, read-only APIs from Polymarket. Requesting a user's wallet address to check positions is consistent with the stated purpose of viewing public blockchain-related data.
- [Remote Code Execution] (SAFE): There are no scripts, command-line executions, or package installations included in this skill.
- [Indirect Prompt Injection] (LOW):
- Ingestion points: API responses from
gamma-api.polymarket.comandclob.polymarket.com(as described inSKILL.md). - Boundary markers: Absent; the agent is expected to parse standard JSON responses.
- Capability inventory: None; the skill provides instructions only and no executable scripts or tools.
- Sanitization: Not explicitly defined, though the logic emphasizes extracting structured IDs (condition_id, token_id) rather than rendering arbitrary text.
Audit Metadata