polymarket-bot

Warn

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: MEDIUM
PROMPT_INJECTION · COMMAND_EXECUTION · EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/run_agent_server.py initializes an HTTP server on 0.0.0.0 (all network interfaces) without any authentication mechanism. This allows any user with network access to the machine to trigger scan cycles via the /run endpoint, potentially resulting in unauthorized expenditures of API credits (SerenBucks) and unauthorized trade executions if live mode is active.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks because it ingests market questions from an external source (Polymarket CLOB) and interpolates them directly into LLM prompts in scripts/seren_client.py without sanitization or strict boundary markers. A maliciously crafted market question could attempt to influence the agent's trading logic.
      • Ingestion points: scripts/polymarket_client.py (fetching from polymarket-data publisher).
      • Boundary markers: Absent in fair value and research prompts.
      • Capability inventory: The skill can execute financial trades (scripts/polymarket_live.py), write to databases (scripts/serendb_storage.py), and manage scheduled tasks (scripts/setup_cron.py).
      • Sanitization: Absent for market questions.
  • [EXTERNAL_DOWNLOADS]: The bot fetches real-time market data, research summaries, and configuration from api.serendb.com and clob.polymarket.com. These references are consistent with the skill's stated purpose and target the vendor's own infrastructure or established financial services.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Apr 9, 2026, 12:41 PM