polymarket-copytrading
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it ingests external data (wallet addresses) to influence critical agent capabilities such as financial trade execution.
- Ingestion points: Wallet addresses provided via the
--walletsCLI argument or theSIMMER_COPYTRADING_WALLETSenvironment variable incopytrading_trader.py. - Boundary markers: Absent; there are no delimiters or explicit instructions provided to the LLM to ignore potentially malicious instructions embedded in data retrieved from external sources or associated with the target wallets.
- Capability inventory: The skill possesses the ability to execute financial trades (buy and sell orders) on Polymarket or a simulated venue via the
execute_tradefunction and thesimmer-sdk. - Sanitization: Minimal; the script performs basic whitespace stripping on the provided wallet strings but does not implement validation or sanitization for the structured trade data returned from the remote API before execution.
- [EXTERNAL_DOWNLOADS]: The skill requires the
simmer-sdkPython package, which is fetched from the standard registry during installation to provide core platform connectivity.
Audit Metadata