polymarket-signal-sniper

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses arbitrary public RSS feeds (see fetch_rss in signal_sniper.py and the SKILL.md Quick Start which shows user-provided RSS URLs) and then reads that untrusted article content to infer sentiment and drive trade decisions, so third‑party content can directly influence actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly designed to monitor signals and execute trades on Polymarket. It includes a documented SDK/API (base URL, portfolio/positions endpoints), commands to "Execute real trades" (e.g., python signal_sniper.py --live), an example trade flow showing "Execute: BUY YES $25", and references to signing orders via WALLET_PRIVATE_KEY (the SDK signs orders automatically when this env var is present). These are specific, built-in market-order and wallet/signing capabilities — i.e., direct financial execution.