polymarket-fast-loop

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs the agent to ask the user for a Simmer API key and a wallet private key and shows export commands that embed those secrets in environment variables, which requires the LLM to accept and potentially echo or insert secret values verbatim (high exfiltration risk).

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill directly fetches user-generated Polymarket data from the public Gamma API (https://gamma-api.polymarket.com/markets) and Polymarket event pages (https://polymarket.com/event/{slug}) — the code (_discover_via_gamma and _parse_fast_market_end_time) ingests and parses market "question" text and metadata (user-created content) and uses those values to select markets, compute timing, and decide trades, so untrusted third‑party content can materially influence behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly built to execute real crypto trades on Polymarket. It calls Polymarket/Gamma APIs, requires a Simmer API key and the user's wallet private key to sign and send orders client-side, and has a --live mode to perform real USDC trades (with fee awareness, position sizing, scheduling, and order execution). This is a specific financial-execution integration (crypto trading / wallet signing), not a generic tool, so it grants direct financial execution authority.