Simmer Resolution Tracker
Suspicious
Audited by ClawScan on May 10, 2026.
Overview
This skill is not obviously malicious, but it asks for wallet-level trading credentials and is designed to run automated on-chain financial actions on a schedule.
Only install this if you intentionally want automated Simmer/Polymarket resolution handling. Start in POLY_MODE=sim, use a dedicated limited wallet, verify the simmer-sdk package, configure credentials explicitly rather than relying on ~/.env, clear the bundled live state files before first use, and make sure the 5-minute cron behavior is something you want.
Findings (8)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the key, SDK, or automation behaves incorrectly, wallet funds or positions could be affected through signed on-chain transactions.
A wallet private key is broad financial authority, not a narrowly scoped permission. This is purpose-aligned for redemptions, but it materially expands the trust boundary.
`WALLET_PRIVATE_KEY` (required, no default): Polymarket wallet private key for on-chain redemptions
Use a dedicated low-balance wallet, start with POLY_MODE=sim, verify the SDK/source, and avoid providing a key that controls unrelated funds.
The skill can perform blockchain redemption actions without a manual confirmation for each transaction.
Live on-chain redemptions are the default unless the user explicitly switches to simulation mode.
`POLY_MODE` (optional, default `live`): set to `sim` to skip on-chain redemptions
Run in simulation mode first, confirm the positions it would redeem, and only enable live mode when automatic redemptions are intentionally desired.
Once enabled, it may keep checking positions and attempting redemptions every 5 minutes without another direct user action.
The skill is configured for recurring background execution through a managed automaton.
"cron": "*/5 * * * *", "automaton": { "managed": true, "entrypoint": "resolution_tracker.py" }
Confirm the scheduled automaton behavior before enabling it, monitor logs, and disable the cron/skill when you no longer want automatic handling.
The tracker may use old or unintended API keys, wallet keys, or webhook URLs from a broader environment file.
The code loads every key-value pair from a local or home .env file, not only the documented variables for this skill.
for candidate in [".env", os.path.expanduser("~/.env")]: ... os.environ.setdefault(k.strip(), v.strip())
Remove the ~/.env fallback or restrict loading to the specific expected variables; users should configure credentials explicitly for this skill.
A new installation could silently treat matching markets as already processed, causing missed journal updates or missed redemption attempts.
The shipped default live dedupe file is pre-populated with many market IDs instead of being empty for a new user.
["c865dbf8-fe21-4c2e-bdb9-df76fc314628", "b3cfe237-a500-4a0e-aa86-29d349c4d5e5", ...]
Ship empty state files for new installs, or instruct users to clear data/live/resolved_markets.json before first live use.
Future or unexpected package versions could change behavior in a high-trust financial workflow.
The skill relies on an external Python package without a pinned version. This is expected for the integration, but it is important because the skill handles wallet-related actions.
"pip": ["simmer-sdk"]
Install from a trusted source, consider pinning a reviewed simmer-sdk version, and re-review before upgrading.
Market names, win/loss status, and P&L information may be sent outside the local environment to the configured webhook destination.
The skill sends alert content to a configured external webhook URL.
req = urllib.request.Request(WEBHOOK_URL, data=body, headers={"Content-Type": "application/json"}, method="POST")
Only set DISCORD_WEBHOOK to a trusted private webhook, and leave it unset if trade-resolution details are sensitive.
Users relying only on registry metadata may underestimate the credential and wallet authority required.
The registry-level summary under-declares credentials even though the skill files require SIMMER_API_KEY and WALLET_PRIVATE_KEY. The files themselves disclose this, so this is a metadata transparency note rather than hidden behavior.
Required env vars: none ... Primary credential: none
Read SKILL.md and clawhub.json before installing, and the publisher should align registry metadata with the declared credential requirements.
