Near-expiry conviction trading on Polymarket. Snipe markets about to resolve when the odds are heavily skewed. Filter by topic, cap your bets, and only trade...
Security Analysis
Medium confidence: the skill's purpose (near-expiry trading on Polymarket) matches most of the code, but there are transparency and scope inconsistencies around requested secrets and environment variables that the user should understand before installing (notably an undeclared wallet private key and other environment variables read by the code).
The name and description (Polymarket near-expiry sniper) align with the code: it discovers markets via the Simmer API, filters by expiry and split, and can execute trades via the Simmer SDK. The clawhub.json pip dependency on 'simmer-sdk' is expected for this functionality.
SKILL.md instructs the operator to supply SIMMER_API_KEY and (for live trading) WALLET_PRIVATE_KEY, and to save settings to config.json or environment variables. The instructions otherwise stay inside the trading domain, but they permit disabling safeguards (--no-safeguards) and recommend storing a raw private key in an environment variable — a high-risk instruction that should be questioned. SKILL.md also does not document all environment variables the code reads (e.g., AUTOMATON_MAX_BET and TRADING_VENUE).
There is no explicit install script in the package (it is instruction-only, with the code provided directly). clawhub.json lists a pip dependency on 'simmer-sdk', which is expected. No downloads from unknown URLs or archive extraction are present. Installing a third-party Python SDK from PyPI is a normal, moderate-risk step; users should review that package separately.
The skill legitimately needs the Simmer API key (SIMMER_API_KEY) to query markets and the portfolio. However: (1) SKILL.md and the code instruct storing and using WALLET_PRIVATE_KEY for live trading, but that sensitive variable is not listed in the registry's 'requires.env' (a metadata inconsistency). (2) The code reads additional environment variables (TRADING_VENUE, AUTOMATON_MAX_BET) that are not documented in SKILL.md's env table. Requiring a wallet private key is plausible for automatic signing, but asking users to put an unencrypted private key in an environment variable, and failing to declare it in metadata, reduces transparency and increases the risk of secret leakage or accidental misuse.
The skill is not forced-always (always: false) and does not request any system-wide privileges. It can be invoked autonomously by the agent (disable-model-invocation is false), which is normal for skills; note that autonomous live-trading capability increases the blast radius if credentials are misused. The skill saves and loads a config (load_config/update_config), but only for its own settings.
Guidance
This skill appears to implement the advertised Polymarket sniping strategy, but you should not proceed without addressing a few transparency and safety items:
- Do not put your wallet private key into an environment variable unless you understand the risk. Confirm whether WALLET_PRIVATE_KEY is strictly required and whether the Simmer SDK can instead use a safer signing workflow (hardware wallet, remote signer, or ephemeral signing). Prefer running only in dry-run mode until you verify behavior.
- The package metadata omitted WALLET_PRIVATE_KEY and some environment variables (AUTOMATON_MAX_BET, TRADING_VENUE) that the code reads. Ask the author to update the registry metadata to list all required environment variables and explain how private keys are used and protected.
- Review the 'simmer-sdk' package (the version you will install) to confirm it does not exfiltrate keys and that trade signing happens locally or via trusted endpoints. If possible, inspect the SimmerClient.trade implementation before enabling --live.
- Run the skill in a low-privilege, isolated environment (with minimal funds) and use dry-run first. If you must enable live trading, fund the linked wallet with a small, capped amount and rotate keys if you later decide to stop using the skill.
- If you are not comfortable managing private keys, ask the maintainer if the skill can integrate with a wallet that requires manual signing or a more secure signer instead of storing raw private keys in environment variables.
I have medium confidence because the code largely matches the described purpose, but the prompt truncated parts of the main script, and the missing metadata around sensitive environment variables is an important transparency gap — obtaining the full, untruncated source or an explicit author statement about key handling would raise confidence to high.
Latest Release
v1.0.13
AgentSkills format — moved platform config to clawhub.json for cross-agent compatibility
Published by @adlai88 on ClawHub