polymarket-openclaw-trader

Warn

Audited by Snyk on Mar 11, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). SKILL.md explicitly requires parsing markets/token IDs and querying Polymarket (POLYMARKET_HOST) and on-chain wallet data as part of the trading workflow, which means the system ingests public Polymarket/blockchain market data (user-generated/untrusted) that can materially influence trading decisions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly for automated trading on Polymarket and includes specific, non-generic financial execution controls: it requires a POLYMARKET_PRIVATE_KEY and WALLET_ADDRESS, refers to chain id and signature type, and contains an explicit "下单执行规范" (order execution) flow that checks keys, resolves market/token IDs, enforces risk thresholds, executes orders, and returns transaction receipts. This is a direct trading/crypto wallet signing capability (placing market orders / sending transactions), not a generic tool, so it grants direct financial execution authority.

Issues (2)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 11, 2026, 01:48 PM
Issues: 2