ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Polymarket Elon Tweets

v1.1.4

Trade Polymarket "Elon Musk # tweets" markets using XTracker post count data. Buys adjacent range buckets when combined cost < $1 for structural edge. Use wh...

0· 1.2k·8 current·9 all-time
byAD88@adlai88
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's behavior (fetch XTracker data, find Polymarket tweet-count markets, and place trades via the simmer SDK) matches the described purpose. Requiring a Simmer API key and a wallet private key for live trading is consistent with auto-trading. However, top-level registry metadata shown to you earlier claimed 'Required env vars: none' while clawhub.json and SKILL.md require SIMMER_API_KEY (and SKILL.md asks for WALLET_PRIVATE_KEY). This metadata mismatch is incoherent and could mislead users.
!
Instruction Scope
Runtime instructions and code instruct the user to install simmer-sdk, set SIMMER_API_KEY, and (for live trading) store WALLET_PRIVATE_KEY in the environment. The code will auto-import markets, write state/config files (state/failed_trades.json, config.json), and can place live trades when run with --live. These actions are within the trading purpose, but the instructions also include a --no-safeguards flag and recommend storing private keys in env vars — both increase risk and should be treated carefully. Additionally, there are multiple mismatches between documented env variable names/defaults in SKILL.md, config.json, and clawhub.json which can change runtime behavior unexpectedly.
Install Mechanism
No untrusted downloads or archive extraction are used. The skill relies on pip-installable simmer-sdk (declared in clawhub.json and SKILL.md). There is no install script that fetches arbitrary code from unknown hosts; code files are included in the bundle. This is a moderate, expected installer model for Python-based skills.
!
Credentials
The skill legitimately needs SIMMER_API_KEY and — for live trading — access to a wallet's private key or signing ability. Those are high-sensitivity secrets. The bundle's top-level metadata omitted required env vars while clawhub.json includes SIMMER_API_KEY and SKILL.md also instructs storing WALLET_PRIVATE_KEY; multiple env name mismatches (e.g., SIMMER_ELON_MAX_POSITION vs SIMMER_ELON_MAX_POSITION_USD, different defaults for bucket spread and max position across files) create confusion and risk misconfiguration. Requesting a WALLET_PRIVATE_KEY stored in env is particularly sensitive — if provided, the skill (or any code running in that environment) could transfer funds.
Persistence & Privilege
The skill is not force-enabled (always:false) and autostart is false. It can be invoked autonomously by the agent (disable-model-invocation is false) which is standard. It writes its own state and config files under its directory (state/ and config.json) but does not modify other skills or system-wide settings. No excessive persistence privileges detected.
What to consider before installing
This skill appears to implement the described trading strategy, but there are several red flags you should address before using it with real funds: - Do not paste your wallet private key into your environment unless you fully trust the code and developer. Prefer using a signing service, hardware wallet, or an ephemeral key with minimal funds for testing. - Expect to supply SIMMER_API_KEY; the top-level registry metadata incorrectly omitted required env vars — verify you have that key before running. - Run the script in dry-run mode first (python elon_tweets.py) and use --stats/--positions to confirm it finds the expected markets and account info. - Review and reconcile mismatched env variable names and defaults (SKILL.md, clawhub.json, and config.json disagree on variable names and default values). Fix or document the desired names to avoid accidental large bets or disabled safeguards. - Keep autostart/cron disabled until you have tested behavior over multiple dry runs. Be cautious with the --no-safeguards flag; do not use it in production. - Inspect the included code (elon_tweets.py and scripts/status.py) yourself or have someone you trust review it; the code writes local state files and can place trades via the simmer SDK. If you want, I can list the specific env variable name mismatches and default-value discrepancies found across SKILL.md, clawhub.json, and config.json, or point out exact lines in the code where sensitive env vars are read.

Like a lobster shell, security has layers — review code before you run it.

latestvk97bm8xz99tajhgpdywhgjcwcn844rrx
1.2kdownloads
0stars
17versions
Updated 5h ago
v1.1.4
MIT-0
AD88@adlai88
latest
Download

Polymarket Elon Tweet Trader

Trade "Elon Musk # tweets" markets on Polymarket using XTracker post count data.

When to Use This Skill

Use this skill when the user wants to:

  • Trade Elon Musk tweet count markets automatically
  • Set up @noovd-style bucket trading
  • Check XTracker pace and stats for current tweet events
  • Monitor and exit existing tweet market positions
  • Configure bucket spread or entry thresholds

How the Strategy Works

Polymarket runs weekly "How many tweets will Elon post?" events with range buckets (e.g., 200-219, 220-239, 240-259). Exactly one bucket resolves YES = $1. The strategy:

  1. Get XTracker pace — XTracker tracks Elon's real-time post count and projects the final total
  2. Find center bucket — The bucket containing XTracker's projected pace
  3. Buy adjacent buckets — Buy the center + neighbors (configurable spread)
  4. Check combined cost — Only buy if the sum of bucket prices < $1 (the +EV threshold)
  5. One bucket pays $1 — When the event resolves, one of your buckets pays $1, covering costs

Setup Flow

When user asks to install or configure this skill:

  1. Install the Simmer SDK

    pip install simmer-sdk

  2. Ask for Simmer API key

    • They can get it from simmer.markets/dashboard → SDK tab
    • Store in environment as SIMMER_API_KEY

  3. Ask for wallet private key (required for live trading)

    • This is the private key for their Polymarket wallet (the wallet that holds USDC)
    • Store in environment as WALLET_PRIVATE_KEY
    • The SDK uses this to sign orders client-side automatically — no manual signing needed

  4. Ask about settings (or confirm defaults)

    • Max bucket sum: Combined price threshold (default 90¢)
    • Max position: Amount per bucket (default $5.00)
    • Bucket spread: How many neighbors to buy (default 1 = center ± 1)
    • Exit threshold: When to sell (default 65¢)

  5. Save settings to config.json or environment variables

  6. Set up cron (disabled by default — user must enable scheduling)

Configuration

SettingEnv VariableConfig KeyDefaultDescription
Max bucket sumSIMMER_ELON_MAX_BUCKET_SUMmax_bucket_sum0.90Only buy if cluster prices sum < this
Max positionSIMMER_ELON_MAX_POSITIONmax_position_usd5.00Maximum USD per bucket
Bucket spreadSIMMER_ELON_BUCKET_SPREADbucket_spread1Neighbors on each side (1 = 3 buckets)
Smart sizing %SIMMER_ELON_SIZING_PCTsizing_pct0.05% of balance per trade
Max trades/runSIMMER_ELON_MAX_TRADESmax_trades_per_run6Maximum trades per scan cycle
Exit thresholdSIMMER_ELON_EXITexit_threshold0.65Sell when bucket price above this
Slippage maxSIMMER_ELON_SLIPPAGE_MAXslippage_max_pct0.05Skip trade if slippage exceeds this
Min positionSIMMER_ELON_MIN_POSITIONmin_position_usd2.00Floor for smart sizing (USD)
Data sourceSIMMER_ELON_DATA_SOURCEdata_sourcextrackerData source (xtracker)
Order typeSIMMER_ELON_ORDER_TYPEorder_typeGTCOrder type: GTC (good-til-cancelled) or FAK (fill-and-kill)

Config priority: config.json > environment variables > defaults.

Quick Commands

# Check account balance and positions
python scripts/status.py

# Detailed position list
python scripts/status.py --positions

API Reference:

  • Base URL: https://api.simmer.markets
  • Auth: Authorization: Bearer $SIMMER_API_KEY
  • Portfolio: GET /api/sdk/portfolio
  • Positions: GET /api/sdk/positions

Running the Skill

# Dry run (default — shows opportunities, no trades)
python elon_tweets.py

# Execute real trades
python elon_tweets.py --live

# With smart position sizing (uses portfolio balance)
python elon_tweets.py --live --smart-sizing

# Show XTracker stats only
python elon_tweets.py --stats

# Check positions only
python elon_tweets.py --positions

# View config
python elon_tweets.py --config

# Update config
python elon_tweets.py --set max_position_usd=10.00

# Disable safeguards (not recommended)
python elon_tweets.py --no-safeguards

# Quiet mode — only output on trades/errors (ideal for cron)
python elon_tweets.py --live --quiet

# Combine: frequent scanning, minimal noise
python elon_tweets.py --live --smart-sizing --quiet

How It Works

Each cycle the script:

  1. Fetches active XTracker trackings for Elon Musk tweet events
  2. Gets real-time stats: current count, projected pace, days remaining
  3. Searches Simmer for matching tweet count markets (auto-imports if missing)
  4. Finds the bucket matching XTracker's pace projection
  5. Evaluates adjacent buckets (center ± spread)
  6. Entry: If sum of cluster prices < max_bucket_sum → BUY each bucket
  7. Exit: Checks open positions, sells if any bucket price > exit_threshold
  8. Safeguards: Checks context for flip-flop warnings, slippage
  9. Tagging: All trades tagged with sdk:elon-tweets for tracking

Auto-Import

If tweet count markets aren't on Simmer yet, the skill automatically imports them:

  • Derives the Polymarket event URL from the XTracker tracking title
  • Uses the SDK import endpoint (supports multi-outcome events)
  • Imports all outcome buckets as a group
  • Counts as 1 daily import regardless of bucket count

Smart Sizing

With --smart-sizing, position size is calculated as:

  • 5% of available USDC balance (configurable via sizing_pct)
  • Capped at max position setting ($5.00 default)
  • Falls back to fixed size if portfolio unavailable

Safeguards

Before trading, the skill checks:

  • Flip-flop warning: Skips if you've been reversing too much
  • Slippage: Skips if estimated slippage > 15%
  • Market status: Skips closed or resolved markets
  • Extreme prices: Skips buckets priced > 98% or < 2%

Disable with --no-safeguards (not recommended).

Source Tagging

All trades are tagged with source: "sdk:elon-tweets". This means:

  • Portfolio shows breakdown by strategy
  • Other skills won't sell your tweet positions
  • You can track tweet trading P&L separately

Example Output

🐦 Simmer Elon Tweet Trader
==================================================

⚙️ Configuration:
  Max bucket sum:  $0.90
  Max position:    $5.00
  Bucket spread:   1 (center ± 1 = 3 buckets)
  Exit threshold:  65%
  Data source:     xtracker

📊 XTracker Stats:
  Tracking: Elon Musk # tweets Feb 13 - Feb 20
  Current count: 187 posts
  Pace: 243 projected
  Days remaining: 2.3

🎯 Target cluster: 240-259 (center) + 220-239, 260-279
  240-259: $0.35
  220-239: $0.22
  260-279: $0.18
  Cluster sum: $0.75 (< $0.90 threshold) ✅

  Executing trades...
  ✅ Bought 14.3 shares of 240-259 @ $0.35
  ✅ Bought 22.7 shares of 220-239 @ $0.22
  ✅ Bought 27.8 shares of 260-279 @ $0.18

📊 Summary:
  Events scanned: 2
  Clusters evaluated: 2
  Trades executed: 3
  Exits: 0

Troubleshooting

"No XTracker trackings found"

  • XTracker may not have active Elon tweet events
  • New events usually start on Wednesdays/Thursdays

"Cluster sum $X.XX exceeds threshold"

  • Buckets are too expensive — edge is too thin
  • Wait for prices to drop or widen bucket_spread

"No matching Simmer markets found"

  • Markets may not be imported yet — skill will auto-import on next run
  • Check that your API key has import capacity (10/day free, 50/day Pro)

"Safeguard blocked: flip-flop warning"

  • You've been changing direction too much on this market
  • Wait before trading again

"External wallet requires a pre-signed order"

  • WALLET_PRIVATE_KEY is not set in the environment
  • The SDK signs orders automatically when this env var is present — no manual signing code needed
  • Fix: export WALLET_PRIVATE_KEY=0x<your-polymarket-wallet-private-key>
  • Do NOT attempt to sign orders manually or modify the skill code — the SDK handles it

"Balance shows $0 but I have USDC on Polygon"

  • Polymarket uses USDC.e (bridged USDC, contract 0x2791Bca1f2de4661ED88A30C99A7a9449Aa84174) — not native USDC
  • If you bridged USDC to Polygon recently, you likely received native USDC
  • Swap native USDC to USDC.e, then retry

"API key invalid"

  • Get new key from simmer.markets/dashboard → SDK tab

Comments

Loading comments...