polymarket-simmer-fastloop

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill fetches and parses user-generated market questions and metadata from public Polymarket/Gamma endpoints (e.g., _discover_via_gamma calling https://gamma-api.polymarket.com/markets and import_market using https://polymarket.com/event/{slug}, plus external feeds like NOFX) and then interprets those question strings (via _parse_end_time and other logic) as part of the trading decision flow, so untrusted third-party content can materially influence actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a trading bot for Polymarket with a live trading mode. It requires a WALLET_PRIVATE_KEY for Polymarket, connects to Polymarket when TRADING_VENUE="polymarket", and the SDK "signs trades locally." The README shows commands to run in --live mode, notes you must have USDC in the wallet, and includes execution-related settings (daily_budget, max_position) and cron examples that run live trading. These are specific, purpose-built capabilities to place real market orders/sign transactions on a trading venue (blockchain wallet/prediction market), not generic tooling. Therefore it provides direct financial execution authority.