polymarket-paper-trader
Warn
Audited by Snyk on Mar 9, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill repeatedly fetches live market data and market metadata from public Polymarket endpoints (e.g., clob.polymarket.com via paper_engine.fetch_orderbook/fetch_midpoint and gamma-api.polymarket.com via lookup_market), and these calls are used throughout required workflows in scripts such as paper_engine.py, health_check.py and execute_paper.py. The untrusted, user-authored market texts and the orderbook/pricing data returned by these endpoints are read and directly drive simulation, risk checks, and trade execution, so third-party content can materially influence agent behavior.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly a trading engine built to execute market and limit orders (scripts and API functions for buy, place_order, close_position, execute_recommendation). It simulates fills by walking the Polymarket order book, uses token IDs from the Polymarket API, and includes commands for market orders, limit orders, portfolio/position management, and an executor for strategy recommendations. Even though it is "paper" (no wallet/real money), its primary and explicit purpose is executing trades (market orders) against live prices, which matches the "market orders / buying/selling assets" criterion for Direct Financial Execution.
Audit Metadata