# AgentWard Security Audit: adlai88 Polymarket Skills

Scanned by: AgentWard v0.2.5
Skills analyzed: polymarket-copytrading, polymarket-fast-loop, polymarket-signal-sniper
Source: openclaw/skills/adlai88
## Summary
All 29 tools across these 3 skills rated 🔴 CRITICAL. Every tool has financial operations combined with credential access, creating direct value transfer risk.
| Severity | Count |
|---|---|
| 🔴 CRITICAL | 29 |
## What Was Found
polymarket-copytrading (10 tools) — Copies trades from whale wallets on Polymarket. All tools flagged CRITICAL due to credential access + financial operations (wallet private keys used for automated trade execution).
polymarket-fast-loop (8 tools) — Automated prediction market trading loop with signal detection. Runs on a 5-minute heartbeat. All tools flagged CRITICAL — combines market data fetching, decision logic, and trade execution with credential access in a single skill.
polymarket-signal-sniper (11 tools) — RSS-driven signal detection → automated trade execution pipeline. All tools flagged CRITICAL for the same credential + financial operation combination.
## Core Risk Pattern
All three skills follow the same dangerous pattern:
- Credentials and execution are co-located — wallet private keys are accessible to the same skill that executes trades
- No separation of concerns — market analysis, decision-making, and trade execution all share credential access
- Automated execution — designed to run in loops without human intervention, amplifying the blast radius of any compromise
## Recommendation
From the AgentWard scan report:
> Fix: Separate credential management from financial operations into distinct skills. Credential-handling capabilities should not share a skill with value-transfer operations.
Additionally, AgentWard recommends blocking outbound network for the server:
```yaml
skills:
  openclaw:adlai88:
    network:
      outbound: false
```

### AgentWard Policy (recommended)

Users of these skills should enforce least privilege with AgentWard:

```shell
pip install agentward
agentward init
```

AgentWard will detect these skills and generate appropriate policy restrictions automatically.
## Full Report

### Complete permission map (29 tools)
| Tool | Capabilities | Risk | Why |
|---|---|---|---|
| polymarket-copytrading:when_to_use_this_skill | read | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-copytrading:quick_commands | read | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-copytrading:finding_whale_wallets | read | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-copytrading:quick_start_adhoc_usage | read | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-copytrading:persistent_setup_optional | read,read,write | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-copytrading:how_it_works | read,read,write | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-copytrading:running_the_skill | read,read,write | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-copytrading:reporting_results | read,read,write | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-copytrading:example_conversations | read,read,write | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-copytrading:finding_good_wallets_to_follow | read | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-fast-loop:how_it_finds_markets | read,read,write | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-fast-loop:when_to_use_this_skill | read,read,write | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-fast-loop:setup_flow | read,read,write | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-fast-loop:how_to_run_on_a_loop | read,write | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-fast-loop:cli_options | read,read,write | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-fast-loop:signal_logic | read,read,write | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-fast-loop:example_output | read | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-fast-loop:source_tagging | read | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-signal-sniper:when_to_use_this_skill | read | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-signal-sniper:quick_commands | read | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-signal-sniper:quick_start_adhoc_usage | read | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-signal-sniper:persistent_setup_optional | read,read,write | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-signal-sniper:how_it_works | read | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-signal-sniper:running_the_skill | read,read,write | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-signal-sniper:interpreting_context_warnings | read | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-signal-sniper:analyzing_signals | read | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-signal-sniper:example_conversations | read,read,write | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-signal-sniper:example_trade_flow | read,read,write | 🔴 CRITICAL | Financial operations with credential access |
| polymarket-signal-sniper:finding_good_rss_feeds | read | 🔴 CRITICAL | Financial operations with credential access |
Generated by AgentWard — open-source permission control plane for AI agents.