storyclaw-polymarket-trading

Warn

Audited by Snyk on Mar 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill actively fetches and ingests public, user-generated market data from gamma-api.polymarket.com (see scripts/market_scanner.py, scripts/polymarket.py, scripts/signal_cron.py and settle flows) and uses those market titles/outcomePrices and CLOB API orderbook/midpoint data from clob.polymarket.com to drive signals, auto-improvement, and trading decisions, so untrusted third-party content can materially influence agent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly a trading bot for Polymarket with built-in primitives to execute live trades. It stores a private_key and funder_address in credentials, includes a polymarket.py "CLOB API primitives" module, and provides commands/scripts (e.g., strategy_manager.py activate-live, crons that run signal_cron.py to record trades and move a strategy from dry_run → live) to switch from paper trading to live trading after confirmation. These are specific crypto/market-order capabilities (wallet/private key handling and trade activation), not generic tools, so it grants direct financial execution authority.

Issues (2)

  • W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).
  • W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 16, 2026, 08:21 AM
Issues: 2