@1368/polymarket-trade
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access were identified. The skill interacts with official Polymarket endpoints and uses established cryptographic libraries.
- [PROMPT_INJECTION]: The skill has a potential surface for indirect prompt injection due to its use of web tools.
  1. Ingestion points: Untrusted data enters the context through the `web_search` and `web_fetch` tools during the research phase.
  2. Boundary markers: No explicit delimiters or boundary markers are used to isolate tool outputs from the rest of the prompt.
  3. Capability inventory: The skill has powerful capabilities, including `wallet_sign_typed_data`, `wallet_transfer`, and `bash` for running local scripts.
  4. Sanitization: There is no explicit sanitization of the data retrieved from the web. However, the mandatory requirement for user confirmation before any trade significantly mitigates the risk of automated exploitation.
- [COMMAND_EXECUTION]: The skill uses the `bash` tool to run internal Python helper scripts (e.g., `poly_research.py`). This is a standard and necessary operation for the skill's research and trading features.
Audit Metadata