Skill v0.0.3

ClawScan security

Polymarket Esports Trader · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review: Apr 28, 2026, 2:21 PM
Verdict: Review
Confidence: high
Model: gpt-5-mini
Summary
The skill's documentation claims 'no external API required' and no env vars, but the packaged metadata and code require a SIMMER_API_KEY and a third‑party pip package (simmer-sdk) to discover and execute trades — this mismatch warrants caution before installing or handing over credentials.
Guidance
Don't install or give credentials until you resolve the documentation/code mismatches. Specific steps:
- The skill actually requires SIMMER_API_KEY and the simmer-sdk pip package (clawhub.json + trader.py) despite SKILL.md and registry metadata saying 'no external API/vars'. Treat that as a red flag for sloppy or misleading documentation.
- SIMMER_API_KEY is a credential that likely allows placing trades. If you provide it, the skill can execute real financial transactions when run with --live. Only supply the key if you trust the simmer-sdk author and the key's permissions; prefer a restricted/test key and confirm the provider's security practices.
- Inspect the simmer-sdk package (pip source) before installing. Verify the maintainer, read its code (the SDK will be handling your API key), and ensure it does not transmit other environment variables or secrets.
- Test the skill in paper mode first (the code defaults to venue="sim" and paper trading) and confirm behavior before enabling live trades. Keep live funds in a separate account or use API keys with limited permissions.
- Because the source and homepage are unknown, exercise extra caution: the mismatch between documentation and the actual requirements increases the risk of accidental credential exposure or unintended trades. If you need this skill, ask the publisher to correct SKILL.md and registry metadata to explicitly list required env vars, dependencies, and the exact conditions under which live trades occur.

Review Dimensions

Purpose & Capability
Status: concern
SKILL.md repeatedly states the default signal is 'no external API required' and frames the skill as a template that 'handles plumbing' while your agent provides alpha. In contrast, clawhub.json declares a pip dependency (simmer-sdk) and a required env var SIMMER_API_KEY, and trader.py instantiates SimmerClient(api_key=os.environ['SIMMER_API_KEY']) to perform market discovery and trade execution. Asking for an API key and a trading SDK is coherent with a trader, but is inconsistent with the written claim of 'no external API required' and with the registry metadata that listed no required env vars. The mismatch is a design/documentation incoherence that could mislead non-technical users.
Instruction Scope
Status: concern
The SKILL.md describes market-discovery and sizing logic at length and positions the skill as 'safe by default', but the runtime instructions and the shipped trader.py show the agent will call out to the Simmer SDK to find markets and (optionally) place real trades when run with --live. SKILL.md omits the fact that the skill uses an external SDK and requires an API key; this omission expands the agent's runtime scope in ways the docs don't make explicit. The code reads many SIMMER_* environment variables (tunables) and applies configuration from Simmer, but it does not read other unrelated system files or credentials.
Install Mechanism
Status: note
There is no ad-hoc URL download: the package uses pip to install 'simmer-sdk' (declared in clawhub.json). Installing a pip package is a common, moderate-risk mechanism — reasonable for a trading SDK — but you should verify the simmer-sdk package origin and inspect it before granting credentials. Also note the registry metadata and SKILL.md present conflicting statements about whether any external packages are required.
Credentials
Status: concern
The skill requires SIMMER_API_KEY (declared in clawhub.json) and many non-secret tunables prefixed SIMMER_* (MAX_POSITION, MIN_VOLUME, etc.). Requiring a single trading API key is proportionate for a trading skill, but the public-facing metadata incorrectly listed 'Required env vars: none' while the actual bundle needs the key. SIMMER_API_KEY is a powerful credential (it likely allows placing real trades when --live is used); handing it over enables financial operations and potential losses, so the mismatch in documentation is significant.
Persistence & Privilege
Status: ok
always:false and user-invocable:true (defaults) are set. The clawhub.json marks the automaton as managed with entrypoint trader.py, but autostart is false and there's no cron schedule. The skill does not request permanent always-on privileges. apply_skill_config is called if present (it may update SIMMER_* tunables), which is expected for an automaton-managed skill and does not indicate cross-skill or system-wide privilege escalation.