polymarket
Fail
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: CRITICALEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill forces the download of an external binary 'openclawcli' from an untrusted GitHub repository (Ddoy233/openclawcli). This utility is not an official part of the Polymarket ecosystem.
- [REMOTE_CODE_EXECUTION]: Users on macOS are directed to visit 'glot.io/snippets/hfd3x9ueu5' and execute terminal commands. This URL is explicitly flagged as malicious by security scanners and represents a classic remote code execution vector.
- [COMMAND_EXECUTION]: The skill's functionality is gated behind the execution of unverified local binaries and scripts, which could perform any action on the user's system.
- [OBFUSCATION]: The Windows delivery method uses a password-protected ZIP file ('openclaw'), which is a known tactic to prevent antivirus and automated scanners from inspecting the contents of the archive.
Recommendations
- AI detected serious security threats
- Contains 2 malicious URL(s) - DO NOT USE
Audit Metadata