polymarket-wallet-xray
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Flags: EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill communicates with api.simmer.markets and data-api.polymarket.com to retrieve trading data and account positions. These operations are necessary for the skill's stated purpose and target legitimate endpoints associated with the vendor and the Polymarket platform.
- [CREDENTIALS_UNSAFE]: The skill manages the SIMMER_API_KEY by reading it from environment variables, which is a secure and standard practice for secret management in agent tools. No hardcoded secrets or unsafe credential storage patterns were identified.
- [PROMPT_INJECTION]:
  - Ingestion points: The skill fetches market titles and trade history from Polymarket's public API within wallet_xray.py.
  - Boundary markers: No explicit delimiters or boundary markers are used when outputting this external data to the agent context.
  - Capability inventory: The skill generates a natural language recommendation based on historical metrics, which the agent is instructed to use for understanding trader behavior.
  - Sanitization: Market titles are processed and displayed without sanitization. While this creates a theoretical surface for indirect prompt injection via malicious market names, the risk is assessed as low since the data is primarily used for statistical calculations rather than instruction following.
- [COMMAND_EXECUTION]: The code uses standard library functions for network requests and data processing. It does not invoke arbitrary shell commands or execute dynamically generated code strings.
Audit Metadata