Oathe Security Badge

Is CarlosIbCu/polymarket-analyst-skills safe?

https://github.com/CarlosIbCu/polymarket-analyst-skills

96
SAFE

This is a well-designed skill for analyzing Polymarket prediction market trader data using legitimate public APIs. The code is professionally written with comprehensive documentation and performs exactly as advertised. The only security consideration is the presence of executable Python code, which is necessary for the skill's functionality.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 100/100 · 25%
Code Execution 90/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 100/100 · 5%

Findings (2)

LOW Executable Python Scripts Present -10

The skill contains two Python scripts (fetch_trader_data.py and analyze_trader.py) that execute code and make HTTP requests to external APIs. While these are legitimate Polymarket public APIs used for the skill's stated purpose, executable code represents a minor security consideration.

INFO External API References -5

The skill instructions reference external Polymarket APIs, which is legitimate and necessary for its functionality but worth noting as external dependencies.