polymarket-weather-trader

Warn

Audited by Snyk on Mar 15, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches and parses user-generated market text from Polymarket via Simmer's import/list endpoints (see discover_and_import_weather_markets and fetch_weather_markets in weather_trader.py, where event_name/question/outcome_name are parsed) and combines that public third-party content with NOAA/Open-Meteo forecasts to drive buy/sell decisions, so untrusted market text can materially influence automated trading actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly designed to execute trades on Polymarket via the Simmer API/SDK. It requests the user's wallet private key, states the SDK "uses this to sign orders client-side automatically," includes commands to "Execute real trades" (python weather_trader.py --live), and describes buying/selling market positions, position sizing, portfolio checks, and trade execution safeguards. These are direct market-order and crypto wallet operations (signing transactions and moving USDC), which constitute direct financial execution authority.

Issues (2)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 15, 2026, 06:41 PM
Issues: 2