polymarket-weather-trader
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface identified. The skill ingests untrusted data from external weather APIs and uses it to trigger automated financial trades on Polymarket.
- Ingestion points: Fetches forecast data from the NOAA API (
api.weather.gov) and Open-Meteo (api.open-meteo.com) inweather_trader.py. - Boundary markers: No explicit delimiters or "ignore instructions" markers are used when processing external strings into the agent's logic.
- Capability inventory: The skill is capable of executing blockchain trades (financial impact) using the
SimmerClient.trademethod inweather_trader.py. - Sanitization: Input data is parsed using regular expressions and converted to numeric types (floats) for comparison logic, which mitigates some injection risks but does not eliminate the possibility of data manipulation affecting trade outcomes.
- [EXTERNAL_DOWNLOADS]: Connects to several external services for data and trading functionality.
- Communicates with the Simmer API (
api.simmer.markets) for market discovery, portfolio management, and order execution. - Fetches weather forecast data from the US National Weather Service (NOAA) and Open-Meteo.
- [DATA_EXFILTRATION]: Handles high-privilege credentials required for automated trading.
- The skill documentation (
SKILL.md) instructs users to provide aWALLET_PRIVATE_KEYandSIMMER_API_KEYthrough environment variables. - The logic in
weather_trader.pyandscripts/status.pyaccesses these credentials for authenticating with the Simmer API and signing transactions. No evidence of malicious exfiltration to third parties was found in the provided code.
Audit Metadata