polymarket-whale-copier

Warn

Audited by Snyk on Mar 11, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill directly fetches live, public Polymarket data (e.g., https://data-api.polymarket.com/trades and /positions called in scripts/copy_trader.py and scripts/auto_redeem.py, and SKILL.md pointing to polymarket.com/leaderboard), treats that untrusted marketplace/user-generated data as input for decision logic, and uses it to decide/execute copy trades, so third-party content can materially influence agent behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly a trading bot for Polymarket that requires a private key, signs transactions, places orders, and auto-redeems winnings. Its primary purpose is to monitor wallets and execute/copy trades (sending transactions that move funds/USDC on a blockchain). This is a specific financial-execution tool (crypto/blockchain trading and transaction signing), not a generic capability.

Issues (2)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 11, 2026, 01:48 PM
Issues: 2