polymarket-copy-trading-bot
Warn
Audited by Snyk on Mar 31, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly polls the public Polymarket Data API and/or subscribes to Polymarket WebSocket channels (see "Monitors a target wallet via Polymarket Data API" and WebSocketMonitor in SKILL.md) to read public user trades and then uses those events to size and execute copy orders, so untrusted third-party content directly influences agent actions.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly a trading bot that signs and submits on-chain orders via the Polymarket CLOB SDK on Polygon. It requires a WALLET_PRIVATE_KEY, RPC_URL, and USDC collateral; it auto-submits approval transactions, derives API credentials from wallet signatures, and calls the CLOB client to place FOK/FAK/LIMIT orders (i.e., sends transactions that move funds/assets). This is a specific crypto/blockchain financial execution capability, not a generic tool.
Issues (2)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
W009
MEDIUM: Direct money access capability detected (payment gateways, crypto, banking).
Audit Metadata