polymarket

MALICIOUS. The skill's real footprint is incompatible with its claimed Polymarket purpose: it invents a mandatory non-official dependency, distributes it through high-risk channels, and places an opaque binary in the path of wallet/trading operations despite official Polymarket APIs and SDKs existing. The combination of third-party binary installation, password-protected archive, paste-site execution, and likely credential forwarding is characteristic of credential theft/social-engineering rather than a legitimate trading skill.