Polymarket 48h Equity Strike Trader
v1.0.1Trades structural mispricings in equity/stock price-threshold markets by reconstructing the implied probability curve across strike levels for the same compa...
⭐ 0· 78·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Benign
medium confidencePurpose & Capability
The name/description (detecting mispricings across strike ladders and placing trades) matches the actual contents: trader.py implements parsing, curve construction, violation detection, and trade execution through a SimmerClient. The single required credential (SIMMER_API_KEY) is appropriate for a trading SDK.
Instruction Scope
SKILL.md describes discovery, parsing, ranking, and trading logic; it does not instruct the agent to read unrelated files, exfiltrate environment variables, or contact unexpected endpoints. The risk controls (paper mode by default, explicit --live flag) are documented.
Install Mechanism
There is no install script in the skill bundle, but clawhub.json declares a pip dependency on 'simmer-sdk'. Installing from PyPI is a common pattern but introduces moderate risk: review the simmer-sdk package/source and verify the upstream GitHub and release authenticity before installing.
Credentials
Only SIMMER_API_KEY is marked required; the code reads several SIMMER_* tunables from env (also declared in clawhub.json) which are reasonable for sizing and risk controls. No unrelated credentials or system config paths are requested.
Persistence & Privilege
always is false and autostart is false, so the skill will not run automatically by default. The automaton block marks the entrypoint as trader.py (managed: true) — meaning the platform could execute it if you enable automation, but there's no evidence the skill modifies other skills or system-wide config.
Assessment
This package appears coherent for its stated purpose, but take these precautions before enabling live trading:
- Keep SIMMER_API_KEY secret and use a key scoped/minimized for testing. Never paste it into untrusted UIs.
- Run the skill in paper mode first (default) and confirm behavior. Live trades require an explicit --live flag.
- Review the simmer-sdk PyPI package and its GitHub repository to ensure it is the legitimate client you expect (verify maintainers, recent commits, and that it talks to expected API endpoints). Installing arbitrary PyPI packages carries risk.
- Check the trader.py code paths that perform order placement and rate-limits so you understand potential financial exposure. Lower tunables (MAX_POSITION, MAX_POSITIONS, MIN_TRADE) during initial trials.
- If you plan to enable automation/cron on a platform, confirm autostart is disabled and understand how the platform will run the managed automaton.
If you want, I can (a) fetch and summarize the simmer-sdk repository (author/hosts/license) for further assurance, or (b) scan the remainder of trader.py (the truncated portion) for any network calls or subprocess usages that might be unexpected.Like a lobster shell, security has layers — review code before you run it.
latestvk9719rgeyy7v3rtnjjd042ya7n846c6m
License
MIT-0
Free to use, modify, and redistribute. No attribution required.