From 27c8cb359738f4d16623e4468ca5c1b323d63275 Mon Sep 17 00:00:00 2001
From: shoko <270575765+shokollm@users.noreply.github.com>
Date: Wed, 25 Mar 2026 09:27:28 +0000
Subject: [PATCH] Add security audit to polymarket-browse review

CRITICAL: Telegram bot token exposed in process command line
HIGH: HTML injection in Telegram messages
MEDIUM: Insufficient --search URL encoding
MEDIUM: No bounds check on --detail
MEDIUM: Potential DoS via large API response
LOW: Bare except: clauses
LOW: No API rate limiting

Includes fix recommendations and immediate actions for users.
---
 .../polymarket-browse/reviews/2026-03-25.md   | 289 +++++++++++++++++-
 1 file changed, 288 insertions(+), 1 deletion(-)

diff --git a/skills/polymarket-browse/reviews/2026-03-25.md b/skills/polymarket-browse/reviews/2026-03-25.md
index 380f945..daab511 100644
--- a/skills/polymarket-browse/reviews/2026-03-25.md
+++ b/skills/polymarket-browse/reviews/2026-03-25.md
@@ -377,7 +377,294 @@ def test_converged_market_filter():
 
 ---
 
-## Appendix A: Longest Lines in browse.py (for targeted refactoring)
+## 6. Security Audit
+
+### 6.1 Severity Classification
+
+| Severity | Meaning |
+|----------|---------|
+| CRITICAL | Immediate action required. Users should stop using the skill until fixed. |
+| HIGH | Serious vulnerability. Fix as soon as possible. |
+| MEDIUM | Moderate issue. Fix in normal development cycle. |
+| LOW | Minor issue. Fix when convenient. |
+
+---
+
+### 6.2 CRITICAL: Telegram Bot Token Exposed in Process Listings
+
+**Location:** Lines 598-606 (`send_to_telegram()`)
+
+**Description:**
+The Telegram bot token is passed as a subprocess argument to `curl`, making it visible in the process command line. On any Unix system, any user can view all running processes' command lines via `ps aux` or `/proc/*/cmdline`.
+
+**Proof of Concept:**
+```bash
+# While the script is running (or just after it finishes):
+ps aux | grep curl
+
+# Output reveals token:
+# curl -s https://api.telegram.org/bot123456789:ABCdefGHI/sendMessage -d chat_id=... -d text=...
+```
+
+**Impact:**
+- Any user on a shared system can steal the bot token
+- Attacker can send arbitrary messages from the bot
+- Attacker can use the bot for spam, phishing, or social engineering
+- If the bot is in group chats, attacker can extract member information
+
+**Fix:**
+Use curl with `--oauth2-bearer` or environment variable approach. The bot token should NEVER appear in the command line. Recommended fix:
+
+```python
+import os
+
+def send_to_telegram(...):
+    bot_token = os.environ.get("BOT_TOKEN")
+    chat_id = os.environ.get("CHAT_ID")
+    if not bot_token or not chat_id:
+        return
+    
+    env = os.environ.copy()
+    # Use a temp file or proper curl auth method
+    # Actually Telegram bot tokens cannot be passed via header
+    # Instead: use Python's requests library which handles this securely
+    # OR: write token to a file with 0600 perms and use curl's --config option
+```
+
+**Proper fix using Python `requests` library:**
+```python
+import requests
+
+def send_to_telegram(...):
+    bot_token = os.environ.get("BOT_TOKEN")
+    chat_id = os.environ.get("CHAT_ID")
+    if not bot_token or not chat_id:
+        return
+    
+    url = f"https://api.telegram.org/bot{bot_token}/sendMessage"
+    payload = {"chat_id": chat_id, "text": text, "parse_mode": "HTML"}
+    # Token stays in memory, never in command line
+    resp = requests.post(url, data=payload, timeout=10)
+```
+
+**Interim mitigation:** If you must use curl, write the token to a temporary file with mode 0600 and use curl's `--config` flag, then delete the file immediately after.
+
+---
+
+### 6.3 HIGH: HTML Injection in Telegram Messages (XSS-adjacent)
+
+**Location:** Lines 614-661 (`send_to_telegram()`)
+
+**Description:**
+Event titles and other data from the Polymarket API are inserted directly into Telegram messages with `parse_mode=HTML`. No HTML escaping is performed. Characters like `<`, `>`, `&` are not escaped.
+
+**Attack scenario:**
+1. Polymarket (or an attacker who compromises Polymarket data) includes a malicious title like:
+   - `<script>alert('XSS')</script>` 
+   - `<img src=x onerror=alert(1)>`
+   - `Team A &amp; Team B` (ampersand not escaped renders as `&amp;amp;` or breaks parsing)
+2. The bot sends this to Telegram
+3. Telegram renders the HTML, potentially executing JavaScript in the context of the Telegram web client
+
+**Note:** Telegram's HTML parser is restrictive (`<b>`, `<i>`, `<a>`, etc. only), so classic XSS is limited. However:
+- Malformed HTML can crash the Telegram client
+- Attribute-based injections in `<a>` tags could be possible
+- The `<` and `>` characters themselves are illegal in Telegram HTML and will cause parse errors
+
+**Current vulnerable code (simplified):**
+```python
+title = e.get("title", "?")
+lines.append(f"<b>{i}.</b> <a href=\"{url}\">{title_clean}</a>")
+# title_clean is title.split(" - ")[0].strip() -- no HTML escaping
+```
+
+**Fix:**
+```python
+import html
+
+def escape_html(text):
+    """Escape HTML special characters for Telegram."""
+    return (text
+        .replace("&", "&amp;")
+        .replace("<", "&lt;")
+        .replace(">", "&gt;")
+        .replace('"', "&quot;"))
+
+title = e.get("title", "?")
+title_escaped = escape_html(title_clean)
+lines.append(f"<b>{i}.</b> <a href=\"{url}\">{title_escaped}</a>")
+```
+
+---
+
+### 6.4 MEDIUM: Insufficient Input Sanitization on `--search` Parameter
+
+**Location:** Line 39 (`fetch_page()`)
+
+**Description:**
+The `--search` argument is only sanitized with `.replace(' ', '%20')`. This only handles spaces. Other URL-sensitive characters (`#`, `?`, `&`, `%`, `+`, etc.) are not properly URL-encoded.
+
+**Attack scenario:**
+A user passes `--search "Team%20A"` expecting to search for "Team%20A" literally, but `%20` gets decoded to a space by the URL parser, searching for "Team A" instead.
+
+More concerning: if the search term contains `#`, it could truncate the query:
+```bash
+--search "Team#A"  -> URL becomes ?q=Team#A&limit=50...
+# Everything after # is treated as URL fragment, not part of the query
+```
+
+**Current code:**
+```python
+url = (f"{base}?q={q.replace(' ', '%20')}&limit={PAGE_SIZE}&page={page}"
+       f"&search_profiles=false&search_tags=false"
+       f"&keep_closed_markets=0&events_status=active&cache=false")
+```
+
+**Fix:**
+Use `urllib.parse.quote()` for proper URL encoding:
+```python
+from urllib.parse import quote
+
+def fetch_page(q, page=1, ...):
+    base = "https://gamma-api.polymarket.com/public-search"
+    encoded_q = quote(q, safe='')
+    url = (f"{base}?q={encoded_q}&limit={PAGE_SIZE}&page={page}"
+           ...)
+```
+
+---
+
+### 6.5 MEDIUM: No Bounds Checking on `--detail` Argument
+
+**Location:** Lines 778-785 (`main()`)
+
+**Description:**
+The `--detail N` argument is used to index into `result["match_events"]` without proper bounds checking. While there is a fallback (`idx = 0` if out of range), the logic silently defaults to index 0, which may not be what the user intended.
+
+```python
+idx = args.detail - 1  # User provides 1-indexed
+if idx < 0 or idx >= len(result["match_events"]):
+    idx = 0  # Silently defaults to first event
+detail_event = result["match_events"][idx]
+```
+
+**Impact:**
+- Low security impact, but confusing UX
+- User expects event #100 but gets event #1 silently
+
+**Fix:** Warn user if index is out of range instead of silently defaulting.
+
+---
+
+### 6.6 MEDIUM: Potential Denial of Service via Large API Response
+
+**Location:** Lines 53, 79-81, 357-358, 393-403
+
+**Description:**
+The code loads the entire API response into memory via `json.loads()`. If a malicious or compromised Polymarket API returned an extremely large JSON payload (gigabytes), the script could exhaust system memory.
+
+**Additional issue:** `fetch_all_pages()` loops up to 100 pages, each with up to 50 events. While bounded, there's no size limit on individual events or their nested `markets` arrays.
+
+**Fix:**
+```python
+# Add response size limits
+MAX_RESPONSE_SIZE = 10 * 1024 * 1024  # 10MB
+if len(r.stdout) > MAX_RESPONSE_SIZE:
+    raise ValueError(f"API response too large: {len(r.stdout)} bytes")
+```
+
+---
+
+### 6.7 LOW: Bare `except:` Clauses Swallow Security-Relevant Errors
+
+**Location:** Lines 169, 183, 269, 308, 456
+
+**Description:**
+Bare `except: pass` catches ALL exceptions including `KeyboardInterrupt`, `SystemExit`, `MemoryError`, and `OSError`. This silently hides errors that might indicate security problems (e.g., timeouts could suggest a DoS attack in progress).
+
+**Current code:**
+```python
+try:
+    end_dt = datetime.fromisoformat(end_str.replace('Z', '+00:00'))
+    ...
+except:
+    pass  # Silently ignores ALL errors
+```
+
+**Fix:**
+```python
+try:
+    end_dt = datetime.fromisoformat(end_str.replace('Z', '+00:00'))
+    ...
+except (ValueError, TypeError):
+    pass  # Only catch expected exceptions
+```
+
+---
+
+### 6.8 LOW: No Rate Limiting on API Calls (DoS vector)
+
+**Location:** Lines 74-76 (`fetch_all_pages()`)
+
+**Description:**
+An attacker who can pass arguments to this script (e.g., via a web wrapper) could repeatedly call the Polymarket API in a loop, potentially:
+1. Getting the user's IP rate-limited or banned by Polymarket
+2. Consuming the user's bandwidth
+3. Causing resource exhaustion on the host
+
+**Fix:** Add a cooldown between runs if called repeatedly, or use a token bucket rate limiter.
+
+---
+
+### 6.9 Security Summary Table
+
+| # | Issue | Severity | Exploitable Remotely | Fix Complexity |
+|---|-------|----------|----------------------|----------------|
+| 1 | Telegram bot token in process cmdline | CRITICAL | No (local access needed) | Easy |
+| 2 | HTML injection in Telegram messages | HIGH | No (needs Polymarket compromise) | Easy |
+| 3 | Insufficient `--search` sanitization | MEDIUM | Yes (any user input) | Easy |
+| 4 | No bounds check on `--detail` | MEDIUM | Yes (any user input) | Trivial |
+| 5 | Large API response can exhaust memory | MEDIUM | Yes (API or MITM) | Easy |
+| 6 | Bare `except:` swallows errors | LOW | No | Trivial |
+| 7 | No API rate limiting | LOW | Yes (with script access) | Medium |
+
+---
+
+### 6.10 Recommended Immediate Actions
+
+**If you are currently using this skill with a Telegram bot:**
+
+1. **ROTATE YOUR BOT TOKEN IMMEDIATELY** — Go to @BotFather and use `/revoke` to invalidate the current token. Generate a new one.
+
+2. **Do not use the `--telegram` flag** on shared/multi-user systems until Issue #1 is fixed.
+
+3. **Do not use `--search` with untrusted input** until Issue #3 is fixed.
+
+4. Monitor your Telegram bot's `getUpdates` for unauthorized access.
+
+**Safe usage until fixes are deployed:**
+```bash
+# Without Telegram (safe):
+polymarket-browse --category "Counter Strike" --limit 5
+
+# With Telegram (UNSAFE on shared systems until fix is deployed):
+# NOT RECOMMENDED until security issues are addressed
+```
+
+---
+
+### 6.11 Fix Priority Order
+
+1. **FIRST (CRITICAL):** Fix Telegram bot token exposure — use Python `requests` library instead of curl subprocess, OR use curl with `--config` file approach
+2. **SECOND (HIGH):** Add HTML escaping for Telegram messages
+3. **THIRD (MEDIUM):** Fix `--search` URL encoding with `urllib.parse.quote()`
+4. **FOURTH (MEDIUM):** Add `--detail` bounds checking
+5. **FIFTH (MEDIUM):** Add response size limits
+6. **SIXTH (LOW):** Replace bare `except:` with specific exceptions
+
+---
+
+### Appendix A: Longest Lines in browse.py (for targeted refactoring)
 
 | Line | Chars | Location | Content Summary |
 |------|-------|----------|-----------------|