polyclawster-agent
Audited by Socket on Mar 18, 2026
4 alerts found:
Alert categories: Security (x2), Obfuscated File, Anomaly

SUSPICIOUS. The core trading functionality broadly matches the stated purpose, and installation uses normal npm dependencies, but the skill has a disproportionate risk profile: it stores a raw private key locally, enables autonomous financial trading, and routes signed orders through a non-official third-party relay for geo-bypass. This is not confirmed malware, but it is a high-risk financial automation skill with concerning third-party data flow.
No direct indicators of malware or obfuscated malicious code in this fragment. The code explicitly performs sensitive blockchain state changes (ERC-20 approve and setApprovalForAll) which are expected for a trading setup helper but are dangerous if target addresses are attacker-controlled or if the user runs the mutating path unintentionally. Recommended mitigations: verify all target addresses/constants before running, use the --check flag to audit current approvals first, avoid approving max allowances when possible (prefer minimal necessary allowances), and improve error handling to avoid silent failures that may trigger unnecessary approvals. Treat this as potentially risky by design (authorization actions), not as hidden malware.
SUSPICIOUS. The core trading behavior matches the stated purpose, and installation uses normal npm dependencies, but the skill performs real-money autonomous trading, stores a raw private key locally, and routes signed orders through a third-party geo-bypass relay instead of only official Polymarket endpoints. That combination makes the skill high risk even without clear evidence of outright malware.
This module contains code that will, on live trades, automatically swap tokens, set large allowances, set operator approvals, and transfer a hardcoded 1% relay fee in USDC.e to a fixed external wallet. The private key is used locally for signing and is not sent to remote servers, but the script grants potentially dangerous on-chain permissions and performs transfers without interactive confirmation. The 1% hardcoded fee and blanket contract approvals are the main risky behaviors — they could be an intended monetization feature but also represent a fund-siphoning/backdoor risk if the maintainer or the relay is malicious. Use of this code should be treated with caution: review the hardcoded addresses, understand the approvals/transfers performed, and do not run live trades unless you trust the operators and have audited the contracts that receive approvals/transfers.