Orchestrates monitoring, market odds, and execution proxy tools to detect news-market price gaps and emit arbitrage alerts with optional trade plans.
Security Analysis
medium confidenceThis meta-skill is internally coherent for orchestrating local monitoring, market lookup, and an execution-proxy tool, but it requires a trading API key (SIMMER_API_KEY) even though execution can be alert-only — you should be aware of that and lock down the key and agent autonomy before enabling execution.
The skill's name and description match the actions in SKILL.md: it orchestrates topic-monitor, polymarket-odds, and simmer-weather for arbitrage alerting. Requiring python3/node/npx is expected because the upstream skills are Python/Node and installation uses npx. One minor mismatch: SIMMER_API_KEY is declared as required even though the workflow explicitly supports an 'alert-only' execution_mode; making the API key mandatory is not strictly necessary for alert-only operation.
The SKILL.md confines runtime actions to invoking the three upstream skills, normalizing values, applying hard decision rules, and emitting alerts or execution plans. It does not instruct the agent to read unrelated system files, other environment variables, or external endpoints beyond the described ClawHub skills and Simmer endpoints. It explicitly warns not to auto-trade unless the user asks.
This is instruction-only (no install spec or code blobs). The recommended install uses npx clawhub@latest to install upstream skills — a reasonable, traceable approach. No downloads from arbitrary URLs or archive extractions are present in the skill itself.
Only one env var is requested: SIMMER_API_KEY. That is expected for the simmer-weather execution proxy, but declaring it as required (rather than optional) is disproportionate if users will run in alert-only mode. SIMMER_API_KEY is a trading credential; supplying it enables live trading via the cited execution proxy if downstream components or operators invoke execution. Users should treat this key as sensitive, store it in a secrets manager, and avoid providing it unless they intend to permit trade execution.
The skill does not request always:true, does not modify other skills' configs, and does not demand persistent system-wide privileges. user-invocable is true and autonomous invocation is allowed (disable-model-invocation:false) — this is platform-default and acceptable here, but users should be mindful that an agent with this skill could be asked to perform repeated monitoring and, if credentials are supplied, to prepare execution plans.
Guidance
This skill appears to do what it says: orchestrate monitoring, market lookups, and optional execution guidance. Before installing, consider these steps: (1) Only provide SIMMER_API_KEY if you explicitly want the agent to be able to produce execution plans or run dry-run/live trades; otherwise keep it unset and use alert-only mode. (2) Store SIMMER_API_KEY in a secrets manager or environment that is not broadly accessible, and rotate it regularly. (3) Audit the upstream skills (topic-monitor, polymarket-odds, simmer-weather) that this meta-skill orchestrates — the meta-skill delegates behavior to them. (4) Run the workflow in dry-run mode first and verify that alerts and decision logic behave as expected. (5) Limit agent autonomy and review logs before enabling any live execution path. If you want a stricter review, provide the upstream skills' code or the Simmer SDK docs so I can check exactly how the API key is used and whether any hidden network endpoints are contacted.
Latest Release
v1.0.0
prediction-market-arbitrage 1.0.0 - Initial release: Enables real-time arbitrage detection between breaking news and Polymarket prices for CEO/company event markets. - Orchestrates topic-monitor, polymarket-odds, and simmer-weather skills to compare news confidence with market probabilities. - Supports automated alert generation and optional live trade execution via Simmer, with robust guardrails for skill path resolution and user confirmation. - Requires explicit user confirmation for live trades and provides clear, machine-readable trade recommendations and signal payloads.
More by @h4gen
Published by @h4gen on ClawHub
