Skill v0.0.3

ClawScan security

Polymarket Catastrophe Trader · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Apr 28, 2026, 2:20 PM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill is broadly what it says (a Polymarket-focused trading bot) but there are internal inconsistencies — the package requires a SIMMER API key and a simmer-sdk dependency even though the registry metadata and parts of SKILL.md claim 'no API' / 'no required env', which is unexplained and worth caution.
Guidance
Before installing, verify and reconcile the metadata: clawhub.json and trader.py require SIMMER_API_KEY and declare a pip dependency on simmer-sdk, but the registry metadata and portions of SKILL.md claim 'no API required'. That mismatch is suspicious (could be sloppy docs or an attempt to hide required credentials). If you plan to use this skill:

1) Inspect the simmer-sdk package source (or vendor) to confirm there are no unexpected network endpoints or privileged calls.
2) Understand the permissions of SIMMER_API_KEY (can it place live trades, move funds, or only simulate?).
3) Keep the skill in paper mode until you audit behavior and trust the Simmer service.
4) Prefer running in a restricted environment and avoid providing any unrelated secrets or wallet/private-key environment variables.

If the publisher cannot explain the metadata/documentation mismatch, treat the skill as untrusted.

Review Dimensions

Purpose & Capability (note)
The code and clawhub.json implement a Polymarket trader using a Simmer SDK (market discovery, sizing, and execution). That matches the described trading purpose. However, the registry metadata (provided earlier) said 'required env vars: none' while clawhub.json and trader.py require SIMMER_API_KEY and provide tunables named SIMMER_*. This metadata mismatch is incoherent and should be clarified.
Instruction Scope (concern)
SKILL.md repeatedly says the catastrophe_bias logic 'works without any external API' and that the template needs no external API for that signal, but the runtime instructions and trader.py call SimmerClient and require an API key. The README/instructions therefore misrepresent runtime behavior. The SKILL.md otherwise does not instruct reading unrelated system files or exfiltrating data, but the misstatement about APIs is a scope creep / documentation mismatch.
Install Mechanism (note)
There is no explicit install spec, but clawhub.json declares a pip dependency on 'simmer-sdk'. Installing a package from PyPI is a common pattern; no odd download URLs or extract-from-arbitrary-host operations are present. You should still audit the simmer-sdk package source before granting keys.
Credentials (concern)
trader.py and clawhub.json require SIMMER_API_KEY and expose many SIMMER_* tunables. That is proportionate for a trading agent that uses Simmer to simulate/execute trades. However, the registry metadata claimed no required env vars, creating a worrying discrepancy. Confirming the intended required credentials and the exact scope/privileges of SIMMER_API_KEY is important (what can that key do? trade, withdraw funds, configure automata?).
Persistence & Privilege (ok)
The skill is automaton-managed with entrypoint trader.py, but autostart is false and 'always' is not set. It can be invoked autonomously (normal default), but it does not demand force-inclusion or elevated system-wide privileges. The script will by default use a paper venue unless a --live flag (or live=True) is supplied.