high-throughput-paired-basis-maker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill automatically fetches live market histories, orderbooks, and market metadata from public third‑party endpoints (see config.gamma_markets_url in SKILL.md and the calls to bt.gamma_markets_url / POLYMARKET_CLOB_BASE_URL in scripts/agent.py) and directly uses that untrusted, user‑generated market data to build backtests, rank pairs, and generate trade intents, so external content can materially influence agent decisions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a trading bot for Polymarket with built-in live execution. It requires POLY_PRIVATE_KEY / WALLET_PRIVATE_KEY and POLY_API_KEY/POLY_PASSPHRASE/POLY_SECRET, installs and uses py-clob-client for order signing/submission, defines a canonical live execution path (DirectClobTrader), emits paired trade intents, and instructs submitting marketable min-tick sells/unwinds and cancelling/submitting orders. These are specific market-order and wallet/transaction capabilities (crypto/blockchain wallet keys and order submission), so it grants direct financial execution authority.