Skill v0.0.3

ClawScan security

Polymarket Candle Volume Spike Trader · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 28, 2026, 2:30 PM
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code, declared dependency (simmer-sdk), and required SIMMER_API_KEY align with a Polymarket trading skill; nothing in the files indicates unrelated or covert behavior.
Guidance
This skill appears coherent for Polymarket trading, but SIMMER_API_KEY is a high-value credential — only provide it if you trust the Simmer service and the skill author. Test thoroughly in paper mode (default) before enabling live trading. Verify the simmer-sdk package source (PyPI) and consider limiting the agent's autonomous invocation privileges if you don't want background/autonomous trades. Finally, confirm autostart/cron settings and revoke the API key immediately if you see unexpected live activity.

Review Dimensions

Purpose & Capability
ok: The skill claims to discover Polymarket 'Up or Down' markets and place paper or live trades; the code uses simmer-sdk and requires SIMMER_API_KEY, which is appropriate for that purpose. Minor metadata inconsistency: the top-level registry summary in the scanner output listed no required env vars, but clawhub.json and SKILL.md both require SIMMER_API_KEY — this appears to be a scanning/metadata mismatch rather than malicious behavior.
Instruction Scope
note: SKILL.md and trader.py instruct the agent to enumerate markets, parse 5-minute intervals, compute signals, and execute trades through the Simmer API. The instructions do not ask the agent to read unrelated system files or other credentials. It does, however, call external service endpoints (via simmer-sdk) to get markets, contexts, and to place orders — which is expected for a trading skill. The skill defaults to paper trading unless run with --live.
Install Mechanism
ok: No ad-hoc downloads or archive extraction. The manifest lists a single pip dependency ('simmer-sdk'), which is proportionate for a client SDK. There is no install script that pulls arbitrary code from personal URLs.
Credentials
note: The only high-sensitivity credential required is SIMMER_API_KEY, which is appropriate because the skill places trades. The skill also reads many tunables from environment variables (MAX_POSITION, thresholds, etc.), which are reasonable. Reminder: SIMMER_API_KEY is a high-value secret — granting it gives the skill trading authority on your Simmer account.
Persistence & Privilege
ok: The skill is not forced-always (always:false) and autostart is false; it won't run automatically unless explicitly started. automaton.managed with entrypoint points to trader.py, but that is consistent with a managed automaton that the platform can start; this is normal. disable-model-invocation is false (the agent may invoke the skill autonomously), which is the platform default — not dangerous by itself, but worth noting if you do not want autonomous trading.