polymarket-fast-loop

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly instructs the agent to ask for and use a Simmer API key and a wallet private key and shows export/command examples that would require embedding those secret values (e.g., export WALLET_PRIVATE_KEY=0x...), so the LLM would need to accept and potentially output secrets verbatim, creating exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill directly fetches public market data (via the Gamma API at https://gamma-api.polymarket.com/markets and polymarket event URLs) and parses market "question" text/outcome_prices (user-generated/public content) while also ingesting public CEX feeds (Binance/CoinGecko); those external, untrusted texts and feeds are read and used by the strategy to choose/import markets and execute trades, so third-party content can materially influence agent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a trading bot for Polymarket fast crypto markets and includes direct execution capabilities: it advertises real USDC trades ("Polymarket only. All trades execute on Polymarket with real USDC"), provides a --live mode to perform real trades, instructs storing a WALLET_PRIVATE_KEY to let the SDK "sign orders client-side automatically," and calls Polymarket (Gamma API) via the Simmer SDK (SIMMER_API_KEY). It also includes CLI/crontab examples to run live trading cycles and configuration for position sizing. These are specific crypto/market order operations (wallet keys, signing, live order execution), not generic tooling—so it grants direct financial execution authority.