Skills
skills/sundial-org/awesome-openclaw-skills/polymarket-analysis/Gen Agent Trust Hub

polymarket-analysis

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection vulnerability surface.
  • Ingestion points: Market names, questions, and titles are fetched from the Polymarket API in monitor-polymarket-market.py and fetch-polymarket-user-profile.py.
  • Boundary markers: Untrusted data is retrieved and displayed without delimiters or specific instructions for the agent to ignore embedded commands.
  • Capability inventory: The skill documentation describes managing persistent tasks via the clawdbot CLI and performing file system writes to state/*.json.
  • Sanitization: External API content is not sanitized or escaped before presentation to the agent.
  • [COMMAND_EXECUTION]: Persistence via Scheduled Tasks.
  • Documentation in references/market-monitoring-setup.md explains how to configure recurring monitoring jobs using the clawdbot CLI. This persistence is a core component of the skill's monitoring functionality.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 05:16 AM