Trade on Polymarket prediction markets. Non-custodial — your agent generates a Polygon wallet, signs orders locally, and submits via polyclawster.com relay (...
Security Analysis
Medium confidence: The skill's code and instructions mostly match a non‑custodial Polymarket trading agent, but there are a few unresolved items (notably the setup/registration step and wide on‑chain approvals) that you should validate before trusting it with funds or running it autonomously.
Name/description match the code: scripts generate a local Polygon wallet, sign orders locally (ethers.Wallet), call polyclawster.com relay/APIs and Polymarket CLOB. Requested binaries and network hosts align with trading on Polygon/Polymarket.
Most runtime instructions are scoped to trading: generate wallet, swap POL→USDC.e, approve contracts, sign orders locally, post to polyclawster.com. However, the critical setup script (scripts/setup.js) was not included in the inspected snippets; loadConfig() and the setup/registration paths are central to security (they read/write ~/.polyclawster/config.json). You should review setup.js to confirm it does not transmit the private key or store secrets on remote servers during registration.
No install spec (instruction-only), but package.json/package-lock are present and list npm deps (ethers, @polymarket/clob-client). Installing will pull packages from npm (expected). This is a moderate, typical risk: verify dependencies and prefer installing in a sandboxed environment before running with real funds.
No environment variables are requested; the skill uses a local config file (~/.polyclawster/config.json) to store privateKey and CLOB creds (chmod 600 recommended in README). This is proportionate to a non‑custodial agent, but the secret storage location is sensitive; confirm the config is only written locally and not POSTed to third parties by setup.js.
always: false (normal). The skill supports autonomous trading (auto.js) and is intended to be run on a schedule; combined with the ability to hold and sign transactions, this gives it direct control over funds while active. This is expected for a trading agent but is high-impact if buggy or malicious; recommend demo mode and restricted cron settings first.
Guidance
What to check before installing:
- Review scripts/setup.js (not fully shown) to ensure it does not exfiltrate the private key or upload secrets to polyclawster.com during registration. The README claims the private key never leaves your machine, but you must verify the code path that registers the agent.
- Inspect ~/.polyclawster/config.json after setup to confirm privateKey and API secrets remain local and have safe permissions (chmod 600).
- Run the skill in demo/dry-run mode first (auto.js --demo or --dry-run) and test with the $10 demo balance before risking real funds.
- Review on‑chain approvals: approve.js sets infinite allowances (MaxUint256) and setApprovalForAll for several operator addresses (including a 'Neg Risk Adapter'). Infinite approvals are common but increase risk if the approved contract is malicious; verify the spender addresses and audit/confirm the Polymarket/adapter contracts yourself.
- Verify polyclawster.com is a trustworthy relay (look up the project, code repo, and operators). The relay sees signed orders and agent metadata; if you don't trust the relay you can still trade directly but may need to adapt the scripts.
- Audit npm dependencies (ethers, @polymarket/clob-client and their transitive deps) or run in an isolated environment. Prefer running the code in a disposable VM or container while evaluating.
- Because the agent can be scheduled to trade autonomously, restrict its runtime (limit cron/agent permissions, add monitoring and loss limits) until you are comfortable with its behavior.
If you want, I can: (a) scan the omitted setup.js for suspicious behavior if you paste it, (b) list the specific on‑chain addresses the code approves so you can look them up, or (c) suggest safe steps to sandbox and test this skill.
Latest Release
v1.5.0
POL funding flow, auto-swap POL→USDC.e, updated README and SKILL.md
Published by @al1enjesus on ClawHub