polymarket-prediction-market

Warn

Audited by Snyk on Feb 17, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly uses WebFetch and public Polymarket API endpoints (e.g., GET /markets, GET /markets/{condition_id}, GET /book and the wss://ws-subscriptions-clob.polymarket.com/ws/ WebSocket) to retrieve live market data including market "question" text and order content, which are public/user-generated and are expected to be read and interpreted by the agent.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly designed for trading on Polymarket (a USDC-on-Polygon prediction market). It documents authenticated endpoints for placing and cancelling orders (POST /order, DELETE /order/{order_id}), order/trade APIs, EIP-712 signature-based authentication, settlement/redemption mechanics, and arbitrage/trading workflows. These are specific market-order and blockchain payment/settlement capabilities that can move funds.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 05:57 AM