Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Manual Trade Placement
v1.1.0 · Place manual trades on Polymarket by telling your agent what to bet on. Supports FAK (instant fill at market) and GTC (limit order on the book). Pass a Simme...
⭐ 0 · 448 · 1 current · 1 all-time
by Dyll (@djdyll)
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Verdict: Suspicious (medium confidence)
Purpose & Capability
The skill's name and description (manual trading on Polymarket via Simmer) match the code and README: it calls Simmer APIs, fetches CLOB book data, and places orders. However, the registry metadata shown at the top says 'Required env vars: none' and 'Primary credential: none', while clawhub.json, README.md, and SKILL.md all declare SIMMER_API_KEY and WALLET_PRIVATE_KEY as required. That mismatch should be resolved before trusting the skill.
Instruction Scope
SKILL.md and manual_trade.py instruct the agent to import markets, fetch live order book data, and place signed trades via simmer-sdk, all of which is expected. But manual_trade.py unconditionally attempts to load an agent-global .env file via dotenv.load_dotenv("/root/.openclaw/.env"). load_dotenv copies every variable in that file into the process environment, so any unrelated secrets stored there become readable by the skill and by every library it imports. Nothing in the skill's stated usage requires this. The code otherwise calls only the expected external endpoints (api.simmer.markets, clob.polymarket.com).
Install Mechanism
There is no install spec: the skill consists of instructions (SKILL.md) plus a shipped Python script. clawhub.json lists one pip requirement (simmer-sdk). No arbitrary downloads or archive extraction are present. The absence of a formal install step is low risk, but simmer-sdk must be installed for the skill to operate.
Credentials
Requiring SIMMER_API_KEY and WALLET_PRIVATE_KEY is proportionate to placing signed trades, but both are highly sensitive. The code does not reference WALLET_PRIVATE_KEY directly; it relies on simmer-sdk, which may read the variable from the environment or accept the key explicitly. That is reasonable, but it means the key is consumed by a dependency the reviewer did not inspect here. The larger proportionality concern is the unconditional load of /root/.openclaw/.env, which can grant the skill access to secrets beyond the two declared variables. The registry metadata inconsistency (required env vars omitted at the top) is a further red flag.
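The following is an added example of the credential handling a reviewer would ask the author to substitute for dotenv.load_dotenv("/root/.openclaw/.env"). It is not the skill's code and not part of simmer-sdk. It reads exactly the two declared variables from the process environment, loads no files, refuses to start if either is missing or the wallet key is malformed, keeps the key out of repr() output, and defaults to the 'sim' venue the scan recommends for testing. The key-format check assumes WALLET_PRIVATE_KEY is a 32-byte hex EVM key with an optional 0x prefix, which the page does not state.

```python
"""Explicit credential loading in place of a global dotenv load.

Added example, not the skill's code. load_dotenv() copies every key in the
named file into os.environ, so whatever else the agent keeps there becomes
readable by this process and any library it imports. Reading only the two
declared names keeps the skill's reach equal to what it declares.
Assumption: WALLET_PRIVATE_KEY is a 32-byte hex EVM key (optional 0x prefix).
"""
import os
import re
from dataclasses import dataclass
from typing import Mapping, Optional

REQUIRED = ("SIMMER_API_KEY", "WALLET_PRIVATE_KEY")
_HEX_KEY = re.compile(r"^(0x)?[0-9a-fA-F]{64}$")   # assumed key format


@dataclass(frozen=True)
class Credentials:
    api_key: str
    private_key: str
    venue: str = "sim"   # paper venue by default; anything else must be opted into

    def __repr__(self):
        # Keep the key out of logs and tracebacks.
        return (f"Credentials(api_key=<{len(self.api_key)} chars>, "
                f"private_key=<redacted>, venue={self.venue!r})")


def load_credentials(env: Optional[Mapping[str, str]] = None,
                     venue: str = "sim") -> Credentials:
    """Read only the declared variables from the process environment; no file loads."""
    env = os.environ if env is None else env
    missing = [name for name in REQUIRED if not env.get(name)]
    if missing:
        raise RuntimeError("missing required variables: " + ", ".join(missing))
    key = env["WALLET_PRIVATE_KEY"].strip()
    if not _HEX_KEY.match(key):
        raise ValueError("WALLET_PRIVATE_KEY is not a 32-byte hex private key")
    return Credentials(env["SIMMER_API_KEY"], key, venue)


if __name__ == "__main__":
    # Constructed sample environment; the key is a placeholder, not a real wallet.
    sample = {"SIMMER_API_KEY": "test-key", "WALLET_PRIVATE_KEY": "0x" + "ab" * 32}
    print(load_credentials(sample))
```

Because the loader takes the environment as a parameter, the same code runs under the agent (with os.environ) and under a test harness with a disposable key, and the frozen dataclass means the key cannot be rewritten after validation.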
Persistence & Privilege
always: false is set and no autostart flags are present. The skill does not request system-wide persistence or modify other skills' configurations. Note that the skill can still be invoked autonomously by default (normal platform behavior); combined with access to a wallet private key, that increases the blast radius, so grant credentials only to skills you trust.
What to consider before installing
This skill appears to implement Polymarket trades via Simmer and legitimately needs SIMMER_API_KEY and your wallet key, but there are two red flags: (1) the package/registry metadata omits required env vars while the included files declare SIMMER_API_KEY and WALLET_PRIVATE_KEY; confirm which is accurate before proceeding. (2) manual_trade.py calls dotenv.load_dotenv('/root/.openclaw/.env'), which reads an agent-global .env file and can expose unrelated secrets to the skill.

Before installing or providing credentials: review the code yourself (or ask the author) and remove the load_dotenv call; run the skill in a sandboxed environment; use a dedicated, low-balance wallet rather than your main one, since a leaked private key cannot be rotated and the only remedy is moving the funds to a new wallet; and prefer the 'sim' venue for testing. If you do not trust the author or cannot inspect and modify the code, do not provide your WALLET_PRIVATE_KEY to this skill.
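Both red flags above, the manifest/code mismatch and the foreign .env load, can be checked before installation with a small static audit. The following is an added example of such a check; it is not ClawHub's scanner and not the skill's own code. It parses every .py file in a skill directory, collects the environment variables the code reads, compares them with the variables the manifest declares, and flags load_dotenv() calls whose path is absolute (or absent, which makes python-dotenv search upward from the working directory). The sample skill it audits is constructed to reproduce the findings on this page, and the "env" list in clawhub.json is an assumed manifest layout, since the real schema is not shown here.

```python
"""Pre-install static audit of a ClawHub-style skill directory.

Added example, not ClawHub's scanner and not the skill's own code.
Assumptions: manifest env vars live under an "env" list in clawhub.json
(the real layout is not shown on the page); Python 3.9+ AST shapes.
"""
import ast
import json
import os
import tempfile
from pathlib import Path

# Constructed sample skill reproducing the page's findings; NOT the real files.
SAMPLE_MANIFEST = {"name": "manual-trade", "env": ["SIMMER_API_KEY", "WALLET_PRIVATE_KEY"]}
SAMPLE_SCRIPT = '''\
import os
import dotenv

dotenv.load_dotenv("/root/.openclaw/.env")  # agent-global secrets file
api_key = os.environ["SIMMER_API_KEY"]
venue = os.getenv("SIMMER_VENUE", "live")    # read by code, absent from manifest
'''


def _is_os_environ(node):
    return (isinstance(node, ast.Attribute) and node.attr == "environ"
            and isinstance(node.value, ast.Name) and node.value.id == "os")


def _str_const(node):
    return node.value if isinstance(node, ast.Constant) and isinstance(node.value, str) else None


def _callee_name(call):
    f = call.func
    return f.id if isinstance(f, ast.Name) else f.attr if isinstance(f, ast.Attribute) else None


def env_reads(tree):
    """Variable names read via os.environ[...], os.environ.get(...) or getenv(...)."""
    names = set()
    for node in ast.walk(tree):
        target = None
        if isinstance(node, ast.Subscript) and _is_os_environ(node.value):
            target = node.slice
        elif isinstance(node, ast.Call) and node.args:
            f = node.func
            if isinstance(f, ast.Attribute) and f.attr == "get" and _is_os_environ(f.value):
                target = node.args[0]
            elif _callee_name(node) == "getenv":
                target = node.args[0]
        name = _str_const(target) if target is not None else None
        if name:
            names.add(name)
    return names


def dotenv_loads(tree):
    """Path literal of each load_dotenv() call; None means python-dotenv's cwd search."""
    paths = []
    for node in ast.walk(tree):
        if isinstance(node, ast.Call) and _callee_name(node) == "load_dotenv":
            arg = node.args[0] if node.args else next(
                (k.value for k in node.keywords if k.arg == "dotenv_path"), None)
            paths.append(_str_const(arg) if arg is not None else None)
    return paths


def audit_skill(skill_dir, manifest_env_key="env"):
    """Compare manifest-declared env vars with code reads; flag foreign .env loads."""
    skill_dir = Path(skill_dir)
    manifest = json.loads((skill_dir / "clawhub.json").read_text())
    declared = set(manifest.get(manifest_env_key, []))
    referenced, loads = set(), []
    for py in sorted(skill_dir.rglob("*.py")):
        tree = ast.parse(py.read_text(), filename=str(py))
        referenced |= env_reads(tree)
        loads += [(py.name, p) for p in dotenv_loads(tree)]
    foreign = [(f, p) for f, p in loads if p is None or os.path.isabs(p)]
    return {
        "declared": sorted(declared),
        "referenced": sorted(referenced),
        "undeclared_reads": sorted(referenced - declared),  # code reads, manifest omits
        "declared_unused": sorted(declared - referenced),   # maybe consumed by an SDK
        "foreign_dotenv_loads": foreign,                    # .env outside the skill dir
    }


def run_sample():
    """Write the constructed sample skill to a temp dir and audit it."""
    with tempfile.TemporaryDirectory() as d:
        Path(d, "clawhub.json").write_text(json.dumps(SAMPLE_MANIFEST))
        Path(d, "manual_trade.py").write_text(SAMPLE_SCRIPT)
        return audit_skill(d)


if __name__ == "__main__":
    for key, value in run_sample().items():
        print(f"{key}: {value}")
```

On the constructed sample the audit reports SIMMER_VENUE as read but undeclared, WALLET_PRIVATE_KEY as declared but never read by the skill's own code (consistent with the scan's note that simmer-sdk consumes it), and the absolute /root/.openclaw/.env load. A declared-but-unused variable is not itself a defect, but it tells you which dependency to inspect next; an undeclared read or a foreign .env load is the kind of mismatch that should block installation until explained.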
latest: vk97cv9vraczam7vqacwsqf8nw182xz1s
