polymarket
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill fetches read-only prediction market data from official Polymarket API subdomains (gamma-api.polymarket.com, clob.polymarket.com, and data-api.polymarket.com). These network operations are necessary for the skill's function and do not access or expose sensitive local information such as credentials or private files.\n- [SAFE]: The helper script 'scripts/polymarket.py' uses only standard Python libraries (json, urllib, sys, datetime) for data retrieval and formatting. It contains no calls to subprocess, os.system, or other utilities capable of command execution.\n- [SAFE]: The skill processes external content from Polymarket APIs (ingestion point: 'scripts/polymarket.py'). Although it lacks explicit boundary markers for this untrusted content, the skill's capabilities are restricted to read-only data presentation, effectively neutralizing indirect injection risks.\n- [SAFE]: No obfuscated content, remote code download patterns, or persistence mechanisms were found across the skill's instructions or scripts.
Audit Metadata