Polymarket 24h Geopolitics Cluster Trader
Security checks across malware telemetry and agentic risk
Overview
This is a disclosed Polymarket trading automation skill that defaults to paper trading and only places live trades when explicitly run with the live flag.
Use paper mode first. Before enabling --live, understand that the skill can place real USDC trades, keep conservative position limits, protect the SIMMER_API_KEY, review or pin simmer-sdk if supply-chain assurance matters, and note that the advertised minimum-volume filter does not appear to be implemented in the code.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.