Skill v0.0.3

ClawScan security

Polymarket Celebrity Social Trader · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 28, 2026, 2:19 PM
Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code, declared dependency, and runtime instructions are consistent with a Polymarket trading helper that uses a Simmer execution SDK and defaults to paper trading; nothing requested or installed appears disproportionate to that purpose.
Guidance
This skill appears internally consistent: it needs a SIMMER_API_KEY and the simmer-sdk Python package to run, and it defaults to safe paper trading unless you explicitly enable --live. Before enabling live trading or providing the SIMMER_API_KEY, verify the Simmer provider and the simmer-sdk package source (PyPI/project homepage) and confirm you trust the skill author. The SKILL.md mentions optional integrations (Social Blade, Spotify, X/Twitter) — those are not required but if you extend the skill to use them, only provide credentials you trust and limit their scope. If you plan to run live trades, test thoroughly in sim mode and review the Simmer account & API key permissions to limit financial risk.

Review Dimensions

Purpose & Capability
ok · The skill's name/description (celebrity/social media Polymarket trading) matches what the files request and do: a single required API key (SIMMER_API_KEY) and a Simmer SDK pip dependency used to discover markets and submit simulated or live trades. No unrelated cloud credentials, system binaries, or unrelated config paths are required.
Instruction Scope
ok · SKILL.md and trader.py limit actions to market discovery, sizing, and execution. The README suggests optional data sources (Social Blade, Spotify, Nielsen, X API) as remix ideas but does not require their credentials or instruct the agent to read unrelated files or secrets. The skill defaults to simulated/paper trading and only performs real trades when explicitly run with a --live flag.
Install Mechanism
ok · No high-risk arbitrary downloads are present. The manifest declares a pip dependency (simmer-sdk) which is a standard install mechanism — moderate risk but expected for an SDK-based trading skill. There is no install script that pulls from unknown URLs or extracts arbitrary archives.
Credentials
ok · Only SIMMER_API_KEY (and SIMMER_* tunables) are declared and used; these are proportional to a trading SDK client. The code accesses only those SIMMER_* variables and does not attempt to read additional secrets or unrelated environment variables.
Persistence & Privilege
ok · The skill is not forced always-on (always:false) and autostart is false. It is automaton-managed with an entrypoint but defaults to paper trading; autonomous invocation is allowed (platform default) but is not combined with broad secret access or other red flags.