Skill v0.0.3

ClawScan security

Polymarket Ladder Chess Tournament Trader · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Apr 28, 2026, 2:27 PM
Verdict
benign
Confidence
medium
Model
gpt-5-mini
Summary
The skill's code, instructions, and requested credential (SIMMER_API_KEY) are consistent with an automated trading tool for Polymarket chess-winner markets; only minor metadata inconsistencies and expected high-value credential use were found.
Guidance
This skill appears to do what it says: scan Polymarket chess-winner markets, detect distribution-sum arbitrage, and trade via Simmer. Before installing: 1) Treat SIMMER_API_KEY as sensitive — only provide it if you trust the Simmer runtime and the simmer-sdk package source. 2) Prefer running in paper mode first (no --live) to verify behavior. 3) Note metadata mismatches (version and a missing required-env note in the registry summary) — ask the publisher to clarify if you need exact provenance. 4) Audit or vet the simmer-sdk package (pip source) and ensure you understand the live flag behavior so the skill cannot make real USDC trades unexpectedly.

Review Dimensions

Purpose & Capability
note: The name/description match the code and SKILL.md: the skill discovers chess winner markets, computes distribution-sum violations, and paper- or live-trades via a Simmer SDK. The only mismatch is metadata: the registry summary at the top claimed no required env vars, but clawhub.json and SKILL.md require SIMMER_API_KEY. Version strings also differ across files (registry 0.0.3 vs clawhub.json 0.0.2 vs SKILL.md 1.0.0). These are metadata inconsistencies but do not change the functional purpose.
Instruction Scope
ok: SKILL.md and trader.py limit operations to market discovery, grouping, signal computation, and trading via SimmerClient. The skill defaults to paper trading and only performs live trades with an explicit --live flag. There are no instructions to read arbitrary unrelated system files or exfiltrate data to unknown endpoints.
Install Mechanism
ok: No install script is bundled; clawhub.json declares a pip dependency on 'simmer-sdk', which is appropriate given the code uses SimmerClient. No downloads from arbitrary URLs or archive extraction were found.
Credentials
note: The skill requires a single high-value credential, SIMMER_API_KEY, which is necessary for trading via the Simmer SDK and is explicitly documented in SKILL.md. The trader also reads tunable environment variables (SIMMER_MAX_POSITION, etc.) which are declared in clawhub.json. The earlier top-level summary incorrectly listed 'Required env vars: none', which is inconsistent with the manifest and SKILL.md.
Persistence & Privilege
ok: always:false and autostart:false; automaton/entrypoint is set to trader.py, which is expected for a managed trading skill. The skill attempts to call apply_skill_config on the client (wrapped in a safe try/except), which is consistent with applying its own configuration. No evidence it modifies other skills or requests permanent elevated platform privileges.