polymarket-weather-trader
Warn
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFEPROMPT_INJECTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the 'simmer-sdk' Python package, which is an external dependency from a vendor not included in the trusted list.
- [CREDENTIALS_UNSAFE]: The skill instructions require the user to store a sensitive 'WALLET_PRIVATE_KEY' in environment variables to enable live trading. Storing private keys in plaintext in the environment is a high-risk practice as they can be accessed by other processes or compromised via system logs.
- [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (logic poisoning) because it makes automated financial decisions based on external NOAA forecast data. 1. Ingestion points: NOAA API data is fetched in 'weather_trader.py' via 'get_noaa_forecast'. 2. Boundary markers: Absent; the system assumes the integrity of the weather data for trade execution. 3. Capability inventory: The skill has the capability to spend USDC assets on Polymarket via 'execute_trade'. 4. Sanitization: Data is parsed using regex for temperature buckets but lacks validation against adversarial data inputs designed to force trades.
- [COMMAND_EXECUTION]: The skill executes Python scripts ('weather_trader.py' and 'scripts/status.py') to perform trading operations and check account status.
- [DATA_EXFILTRATION]: The skill performs network requests to 'api.simmer.markets' and 'api.weather.gov'. These operations transmit the user's API keys and trading activity to external endpoints.
Audit Metadata