polymarket-tracker

Warn

Audited by Snyk on Mar 11, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The skill's main script (scripts/track_volume.py) directly fetches market and trade data from public Polymarket endpoints (https://gamma-api.polymarket.com and https://clob.polymarket.com) — including user-generated market "question" text and trades — and ingests/uses that untrusted content to compute and rank top markets, so third-party content could carry embedded instructions that influence outputs.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill explicitly integrates a billing/payment system (skillpay.me) using BNB Chain USDT. It defines payment flow steps (check balance, deduct payment, return payment link), includes API-like functions (check_balance, charge_user, get_payment_link) and a required per-call charge. These are specific payment/crypto actions (charging users, checking crypto balances, generating blockchain payment links), which constitute direct financial execution capability.

Issues (2)

  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
  • W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata

  • Risk Level: MEDIUM
  • Analyzed: Mar 11, 2026, 01:48 PM
  • Issues: 2