polymarket-elon-tweets

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill fetches and parses live data from the public XTracker API (https://xtracker.polymarket.com/api) and may import/parse Polymarket event pages (polymarket.com/event/...) to match markets, and it directly uses that untrusted third‑party content (tracking titles, pace projections, and market/outcome text) to decide and execute trades, so external content can materially influence agent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed to execute real trades and manage on-chain trading wallets:
• It uses the Simmer SDK and Simmer API to place orders (API endpoints and an SDK import/trade flow are documented).
• It requires the user's WALLET_PRIVATE_KEY and states the SDK "uses this to sign orders client-side automatically" — direct wallet signing for live trades (crypto/blockchain wallet control).
• Commands and flags include --live to "Execute real trades", buying buckets when conditions met, and selling on exit thresholds — explicit market order execution.
• It auto-imports markets and tags trades, manages portfolio/positions, and calculates position sizing — all part of moving funds and placing orders.

These are specific, non-generic financial actions (market orders and wallet signing), so this grants Direct Financial Execution Authority.