Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Polymarket Copytrading

v1.9.1

Mirror positions from top Polymarket traders. Polling mode (free) for portfolio-style copying, Reactor mode (Pro) for event-driven real-time mirroring via Si...

3 · 2.3k · 13 current · 15 all-time
by AD88 (@adlai88)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto · Requires wallet · Requires sensitive credentials
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill's name, description, SKILL.md, clawhub.json and code all describe a Simmer-based Polymarket copytrading tool and require a SIMMER_API_KEY and the simmer-sdk, which is appropriate for the stated purpose. However, the top-level registry summary (the data shown at the start of the review) lists 'Required env vars: none' and 'Primary credential: none' while clawhub.json and code clearly require SIMMER_API_KEY — this metadata mismatch is inconsistent and worth flagging.
Instruction Scope
The SKILL.md instructs the installer to ask for and store a wallet private key (WALLET_PRIVATE_KEY) in environment variables for live trading. The code and docs indicate client-side signing via the SDK. Asking users to store raw private keys in env vars is high-risk; the SKILL.md does not provide secure alternatives (hardware wallets, delegated signing endpoints) nor explicit warnings about local/global environment persistence. Additionally, the SKILL.md allows users to paste wallet addresses in chat; private keys must never be pasted in chat. The skill otherwise stays within expected runtime scope (calls the Simmer API, uses simmer-sdk).
Install Mechanism
There is no custom install spec; the SKILL.md tells users to pip install simmer-sdk and a requirements.txt lists simmer-sdk. This is a common, low-to-moderate risk install path (public PyPI package). No arbitrary URL downloads or archive extraction are present.
Credentials
The skill legitimately needs SIMMER_API_KEY for the Simmer API. However: 1) the SKILL.md instructs storing WALLET_PRIVATE_KEY (sensitive secret) in the environment for live trading but the clawhub.json does not declare WALLET_PRIVATE_KEY as a required env var (metadata omission), producing a mismatch; 2) requiring a private key at all is proportional to live-trading capability but is high-impact — the documentation does not recommend safer signing options or minimize storage exposure. The skill also references environment overrides (AUTOMATON_MAX_BET, TRADING_VENUE, Reactor env vars), which are reasonable.
Persistence & Privilege
The skill is not marked always:true, is user-invocable, and does not request system-wide privileges. It uses a config loader (simmer_sdk.skill.load_config) and may write its own config file, which is normal. There is no evidence the skill modifies other skills' configs or requests persistent platform-level elevation.
What to consider before installing
Key points to consider before installing:
- Source verification: The skill has no homepage and the source is 'unknown'. Verify the publisher (kn7axnp7bzqsf5fkx0z8px7han7zyq1x) and prefer installing only from known/trusted authors or an official Simmer release.
- API key vs. private key: The skill requires your SIMMER_API_KEY (expected). It also instructs you to provide your WALLET_PRIVATE_KEY for live trading, which is highly sensitive. Do not paste or upload private keys into chat. Prefer safer alternatives: use paper trading, use an API or signing service you control, use ephemeral keys, or sign transactions with a hardware wallet or separate signing service rather than storing raw private keys in global environment variables.
- Metadata mismatch: The registry summary omitted required envs, but clawhub.json and the code require SIMMER_API_KEY and the SKILL.md requests WALLET_PRIVATE_KEY. This inconsistency can be a packaging error or an indicator that the package metadata is not trustworthy. Confirm the declared requirements match the code before proceeding.
- Test first: Use --dry-run / paper trading, start with very small amounts, and run scripts/status.py to inspect what the skill would do. Verify the behavior of simmer-sdk and review how it handles signing, trade execution, and token storage.
- Inspect code and dependencies: If you will provide any secrets, inspect copytrading_trader.py and the simmer-sdk implementation to ensure there are no unexpected network endpoints or exfiltration. Confirm simmer-sdk is the official package (pip simmer-sdk) and check its project page.
- Operational safety: Avoid storing private keys in environment variables on shared or cloud systems. If you must store secrets in env vars, use scoped secrets managers and limit permissions and lifetime. Keep backups of your funds' access controls and consider using small caps and circuit-breakers as suggested in the docs.
If you cannot confirm the publisher or the code's handling of private keys, treat this skill as risky and avoid providing a real wallet private key.


latest: vk974amhkvswqwwetvrbcy8h60184yz7f
