polymarket-elon-tweets

Warn

Audited by Snyk on Feb 19, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill fetches live, public XTracker data (https://xtracker.polymarket.com/api) and derives/imports Polymarket event pages from constructed Polymarket URLs, then parses those third-party titles/outcomes and pace projections to choose and execute trades, so untrusted external content is read and directly drives tool use and trading decisions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly designed to execute real trades and manage on-chain trading wallets:
      • It uses the Simmer SDK and Simmer API to place orders (API endpoints and an SDK import/trade flow are documented).
      • It requires the user's WALLET_PRIVATE_KEY and states the SDK "uses this to sign orders client-side automatically", i.e. direct wallet signing for live trades (crypto/blockchain wallet control).
      • Commands and flags include --live to "Execute real trades", buying buckets when conditions are met, and selling on exit thresholds, i.e. explicit market order execution.
      • It auto-imports markets and tags trades, manages portfolio/positions, and calculates position sizing, all part of moving funds and placing orders.

These are specific, non-generic financial actions (market orders and wallet signing), so this grants Direct Financial Execution Authority.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 19, 2026, 12:37 PM