Skill v2.3.0

ClawScan security

Polymarket Ai Divergence · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 25, 2026, 9:20 AM
Verdict
suspicious
Confidence
medium
Model
gpt-5-mini
Summary
The skill mostly does what it claims (scan divergences and trade) but has inconsistencies in documentation vs. code and asks for sensitive credentials (wallet private key) — review before giving it live access to funds.
Guidance
This skill appears to implement a legitimate divergence scanner + trading bot, but review carefully before enabling live trading. Key points:
- Only provide SIMMER_API_KEY and especially WALLET_PRIVATE_KEY if you trust the Simmer SDK and this skill: the wallet private key grants the ability to sign trades and potentially move funds.
- Prefer a managed custody wallet (if supported) or a wallet with limited funds; avoid exposing a long-term hot key with large balances.
- There are inconsistencies between the README, the Python code, and clawhub.json (env var names and default values). Double-check which environment variable names the running code actually reads (see CONFIG_SCHEMA in ai_divergence.py) to avoid misconfiguration.
- Run the skill in dry-run (--no-live) or paper mode first and inspect the generated trade payloads, and inspect the simmer-sdk version you will install (simmer-sdk>=0.11.1). Consider reviewing the Simmer SDK source for how it uses WALLET_PRIVATE_KEY and whether it forwards secrets to external services.
- If you are not comfortable storing private keys in env vars, use managed wallets or decline live trading and use the scanner only.

Review Dimensions

Purpose & Capability
note: Name/description, code files, and API endpoints align with a Polymarket/Simmer divergence scanner + trading bot. The included Gamma API client and status script are consistent with the stated purpose.
Instruction Scope
concern: SKILL.md instructs installing simmer-sdk and storing SIMMER_API_KEY and (for live trading) WALLET_PRIVATE_KEY in the environment. The skill will call Simmer API endpoints and the Polymarket Gamma API. However, the documentation, the code, and clawhub.json disagree on several env var names and default values (e.g., SIMMER_DIVERGENCE_MAX_BET vs SIMMER_DIVERGENCE_MAX_BET_USD, and differing defaults for max bet/daily budget), which can cause misconfiguration. Asking the user to store a private key in an env var is within scope for a trading bot but is a sensitive action that requires explicit user consent and understanding.
Install Mechanism
ok: No arbitrary download URLs or extract steps. The package depends on simmer-sdk (pip). The skill is provided as code files rather than a binary install; pip installing simmer-sdk is a typical moderate-risk dependency for this use case.
Credentials
concern: The primary credential SIMMER_API_KEY is appropriate. The optional WALLET_PRIVATE_KEY is sensitive but plausible for self-custody live trading. SKILL.md encourages storing a private key in an environment variable (WALLET_PRIVATE_KEY) while the code itself delegates signing to the simmer-sdk; this is proportional to trading but represents a high-value secret, so users should not provide it unless they trust the SDK and skill. There are also minor env-name mismatches between docs, code, and clawhub.json that could cause accidental misconfiguration and unexpected behavior.
Persistence & Privilege
note: The skill is not always-enabled and autostart is false. clawhub.json marks the skill as automaton.managed with an entrypoint (ai_divergence.py), meaning the platform may run it on a schedule; this is expected for trading automation but increases the blast radius if credentials are supplied. No code modifies other skills or system-wide settings.