polymarket-fast-loop

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to ask the user for a Simmer API key and a wallet private key and to store them via environment exports (examples shown), which encourages the LLM to receive and potentially emit those secret values verbatim (e.g., in export commands or configuration), creating an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill fetches user-generated market content from Polymarket/Gamma (via https://gamma-api.polymarket.com/markets and polymarket.com/event/{slug}) and parses the market "question" text in _discover_via_gamma/_parse_fast_market_end_time (and uses that metadata to select/import markets and decide trades), so untrusted third‑party text is read and can materially influence decision and tool actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly built to execute real crypto trades on Polymarket. It calls Polymarket/Gamma APIs, requires a Simmer API key and the user's wallet private key to sign and send orders client-side, and has a --live mode to perform real USDC trades (with fee awareness, position sizing, scheduling, and order execution). This is a specific financial-execution integration (crypto trading / wallet signing), not a generic tool, so it grants direct financial execution authority.