ClawHub

Cybersecurity & Hacking Events Trader

Trades Polymarket prediction markets on major cyberattacks, ransomware incidents, data breaches, zero-day exploits, and national cybersecurity legislation.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
0 · 19 · 0 current installs · 0 all-time installs
by@diagnostikon
MIT-0
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
medium confidence
Purpose & Capability
The code (trader.py) implements Polymarket trading via a SimmerClient and the declared dependency simmer-sdk — this aligns with the skill's stated purpose. However, the registry summary at the top of the submission lists 'Required env vars: none' while clawhub.json and SKILL.md both require SIMMER_API_KEY; that metadata inconsistency should be corrected.
Instruction Scope
SKILL.md instructs wiring threat-intel feeds (CISA KEV, ransomware.live, NVD) into compute_signal(), but the included compute_signal() implementation does not fetch or use any external feeds — it makes decisions only from market fields. The skill otherwise stays within scope (search markets, apply spread/time gates, place trades). There are no instructions to read unrelated files or secrets.
Install Mechanism
No download/install script is present; clawhub.json lists a pip dependency (simmer-sdk) which is appropriate for a Python trading client. This is a standard, moderate-risk package install path; there are no arbitrary URL downloads or archive extraction.
Credentials
The skill requests a single high-value credential (SIMMER_API_KEY) required to place trades; this is proportionate to a trading skill. Note: the code reads os.environ['SIMMER_API_KEY'] directly and will fail if missing. Tunables use SIMMER_* environment variables (with defaults) which are reasonable. Verify the authenticity and privileges of the Simmer API key before providing it.
Persistence & Privilege
autostart is false and cron is null (the skill defaults to paper trading and will not run automatically unless you enable it). always is not set. The skill does call client.apply_skill_config(SKILL_SLUG) to load tunables from the hosting platform, which is normal for automaton-managed skills and appears limited to its own config.
Assessment
This skill is coherent with its stated purpose, but before installing you should: (1) correct/confirm the metadata inconsistency about required env vars (clawhub.json and SKILL.md require SIMMER_API_KEY); (2) treat SIMMER_API_KEY as a high-value secret — store it securely and only provide a key with appropriate, limited permissions; (3) verify the simmer-sdk package (PyPI project and GitHub repo) is the official client you expect; (4) be aware the skill defaults to paper trading and only does live trades with an explicit --live flag; (5) note SKILL.md suggests integrating external feeds (CISA KEV, ransomware.live, NVD) but the current code does not fetch them — if you expect those feeds to be used, require a code update and review to ensure those integrations are implemented safely; and (6) consider running the skill in a controlled/sandbox environment and rotate the SIMMER_API_KEY after testing.

Like a lobster shell, security has layers — review code before you run it.

Current versionv1.0.0
Download zip
latestvk973y4fc9794rx920ddafwczzd830cer

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

SKILL.md

Cybersecurity & Hacking Events Trader

Cybersecurity prediction markets are the least efficiently priced category on Polymarket — most traders can’t read a CVE advisory, let alone a CISA KEV entry. That’s the edge.

This skill scans for breach, ransomware, and legislation markets using threat intelligence keywords. The base signal is probability-extreme detection. The serious signal is CISA’s Known Exploited Vulnerabilities catalog: when a new KEV entry hits critical infrastructure, related Polymarket legislation and incident markets reprice — but typically 6–12 hours after the catalog update. That window is where the alpha lives. Wire in the CISA KEV JSON feed (free, public API, updates within hours of incidents) to compute_signal() to activate it.

Strategy Overview

CVE severity score spikes as leading indicator. CISA KEV (Known Exploited Vulnerabilities) catalog additions precede regulatory market moves.

Edge Thesis

Cyber incident markets are among the least efficient on Polymarket because most traders lack technical background to interpret threat intelligence feeds. Key edge: CISA's KEV catalog (mandatory patch list) is updated within hours of a major breach. When a KEV entry affects critical infrastructure, related legislation markets spike within 24h — but Polymarket often takes 6–12h to fully reprice.

Remix Signal Ideas

Safety & Execution Mode

The skill defaults to paper trading (venue="sim"). Real trades only with --live flag.

ScenarioModeFinancial risk
python trader.pyPaper (sim)None
Cron / automatonPaper (sim)None
python trader.py --liveLive (polymarket)Real USDC

autostart: false and cron: null — nothing runs automatically until you configure it in Simmer UI.

Required Credentials

VariableRequiredNotes
SIMMER_API_KEYYesTrading authority. Treat as high-value credential.

Tunables (Risk Parameters)

All declared as tunables in clawhub.json and adjustable from the Simmer UI.

VariableDefaultPurpose
SIMMER_MAX_POSITIONSee clawhub.jsonMax USDC per trade
SIMMER_MIN_VOLUMESee clawhub.jsonMin market volume filter
SIMMER_MAX_SPREADSee clawhub.jsonMax bid-ask spread
SIMMER_MIN_DAYSSee clawhub.jsonMin days until resolution
SIMMER_MAX_POSITIONSSee clawhub.jsonMax concurrent open positions

Dependency

simmer-sdk by Simmer Markets (SpartanLabsXyz)

Files

3 total
Select a file
Select a file to preview.

Comments

Loading comments…