polymarket

SUSPICIOUS. The skill is largely coherent with its stated Polymarket trading purpose and uses official endpoints, so there is no strong sign of credential theft or malware. However, it enables autonomous financial trading and related blockchain actions, and it encourages raw private-key handling; that makes the skill high-risk even though the install/data-flow story is mostly legitimate. The outdated SDK references add moderate integrity risk but not malicious intent.