polymarket-trading
Warn
Audited by Snyk on Feb 15, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests public market data as part of its workflow—e.g., it anchors the Bayesian prior to the Polymarket orderbook and uses Binance momentum/trend data—thereby reading untrusted, user-generated public sources (Polymarket markets) at runtime.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The document is explicitly a trading skill for Polymarket and contains concrete, specific functions and API-level actions to execute financial transactions. It details market orders, limit sells, automated exit-plan placement, scale-in using Market Orders (FAK), fee handling, and includes code references like place_market_order and place_batch_orders. These are direct market-order/transaction capabilities (buy/sell/place/cancel) — i.e., explicit financial execution.