The Agent Skills Directory

[NO_CODE]: The skill does not include any executable scripts such as Python or JavaScript files; it is composed entirely of Markdown instructions and metadata.
[REMOTE_CODE_EXECUTION]: The documentation provides an installation method that pipes a shell script directly from the official Polymarket GitHub repository into the system shell.
Evidence: curl -sSL https://raw.githubusercontent.com/Polymarket/polymarket-cli/main/install.sh | sh
[COMMAND_EXECUTION]: The skill enables the agent to execute a wide variety of polymarket CLI commands to perform wallet operations, trade execution, and on-chain activities.
Evidence: Use of commands such as polymarket wallet create, polymarket clob create-order, and polymarket setup.
[EXTERNAL_DOWNLOADS]: The skill references external binaries and installation scripts from the official Polymarket GitHub organization (github.com/Polymarket/*).
[CREDENTIALS_UNSAFE]: The skill provides instructions for the agent to manage and access sensitive information, including private keys, via environment variables and local configuration files.
Evidence: Guidance on using POLYMARKET_PRIVATE_KEY and the configuration file path ~/.config/polymarket/config.json.
[PROMPT_INJECTION]: The skill interprets and processes external market data, creating a surface for indirect prompt injection attacks.
Ingestion points: Data retrieved from the Polymarket CLOB, market searches, and order book commands.
Boundary markers: The command templates do not include specific delimiters or warnings to ignore instructions embedded in market descriptions or metadata.
Capability inventory: The agent has the ability to execute trades, manage funds, and manipulate account settings based on processed data.
Sanitization: No explicit validation or filtering of market-provided data is defined before the agent processes it for decision-making.

polymarket-trading