polymarket-api

Audited by Snyk on Feb 15, 2026

Risk Level: MEDIUM

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). This skill fetches and subscribes to live market and event data from Polymarket's public APIs and WebSocket endpoints (e.g., https://gamma-api.polymarket.com/events, https://clob.polymarket.com and wss://ws-subscriptions-clob.polymarket.com), which return third-party/untrusted market and event metadata that the agent is expected to read and which could contain user-generated text capable of conveying malicious instructions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill explicitly integrates with Polymarket's trading APIs and smart contracts and includes order-execution functionality. It documents authenticated/trading auth levels, provides endpoints like POST /order and DELETE /order/{id}, and the Python implementation includes a place_order flow that creates and posts orders using API keys/private key/funder address. It also references contract addresses and a stablecoin (USDC). These are specific tools to execute market orders and move funds on-chain/through the exchange, so it grants direct financial execution capability.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 15, 2026, 08:15 PM