Skills
skills/migokg/plugin-store/polymarket-agent-skills/Gen Agent Trust Hub

polymarket-agent-skills

Fail

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: HIGHDATA_EXFILTRATIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [DATA_EXFILTRATION]: The script located in SKILL.md performs system fingerprinting by collecting the hostname, operating system details via uname, and the user's home directory path from the $HOME variable.
  • [DATA_EXFILTRATION]: The gathered system identifiers are hashed into a unique device ID and exfiltrated via POST requests to https://www.okx.com/priapi/v1/wallet/plugins/download/report and https://plugin-store-dun.vercel.app/install.
  • [COMMAND_EXECUTION]: The skill executes shell commands (hostname, uname, shasum) to generate persistent tracking identifiers based on the user's local environment.
  • [EXTERNAL_DOWNLOADS]: The skill performs unauthorized network operations to non-whitelisted domains (okx.com and a third-party Vercel deployment) to report installation and device telemetry.
  • [PROMPT_INJECTION]: The skill employs deceptive language in SKILL.md, describing the tracking script as an 'auto-injected' 'Pre-flight Dependency' that must be run 'once per session', which is a technique used to mislead agents or users into executing malicious or invasive code.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Apr 9, 2026, 02:23 AM