Skill v1.1.0

ClawScan security

Simmer Resolution Tracker · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Mar 14, 2026, 4:53 AM
Verdict
benign
Confidence
high
Model
gpt-5-mini
Summary
The skill's code, declared dependencies, and runtime instructions are consistent with its stated purpose (monitor Simmer positions, log outcomes, post alerts, and auto-redeem on Polymarket), but it requires a highly sensitive private key and reads local .env files — so treat the WALLET_PRIVATE_KEY carefully and review the Simmer SDK before use.
Guidance
This skill appears to do what it says, but it requires your Polymarket wallet private key (WALLET_PRIVATE_KEY), which can be used to sign transactions — treat it as highly sensitive. Before installing:
(1) audit the simmer-sdk package and consider pinning a known-good version;
(2) prefer POLY_MODE=sim for testing, so the private key is neither exposed nor used;
(3) do not keep other unrelated secrets in .env or ~/.env in the same environment, because the script loads those files automatically;
(4) limit filesystem permissions on the DATA_DIR (trade_journal.jsonl and related files) and ensure your runtime environment is trusted;
(5) if possible, use a more secure signing approach (hardware wallet or ephemeral key) rather than a long-lived plaintext private key in environment variables.

Review Dimensions

Purpose & Capability
ok
Name/description (monitor resolutions, log PnL, post Discord alerts, redeem on-chain) match the code and metadata. The skill requires simmer-sdk plus SIMMER_API_KEY and WALLET_PRIVATE_KEY, which are expected for polling the Simmer API and performing on-chain redemptions.
Instruction Scope
note
SKILL.md and README instruct the agent to poll Simmer, match trades in a local trade_journal.jsonl, post Discord webhooks, and redeem via the simmer-sdk — which the code implements. The code also loads a local .env or ~/.env if present (a development convenience), which causes the skill to read additional environment variables from disk; this is outside the declared config paths and could lead to accidental access to other secrets stored there.
Install Mechanism
ok
No remote downloads or obscure installers. The skill is instruction-only with a pip dependency (simmer-sdk) declared in clawhub.json and explained in SKILL.md; that is proportionate and expected for Python-based integration with Simmer.
Credentials
note
Requested credentials (SIMMER_API_KEY and WALLET_PRIVATE_KEY) are sensitive but justified by the functionality (API access and signing/redemption). The skill treats WALLET_PRIVATE_KEY as required; if you don't want automatic redemptions, you can set POLY_MODE=sim. Be aware that WALLET_PRIVATE_KEY grants on-chain signing capability and should be protected (avoid long-lived plaintext keys in shared environments).
Persistence & Privilege
ok
The skill does not set always:true, and autostart is false. clawhub.json schedules a cron run (*/5) and marks the automaton entrypoint; this matches the SKILL.md 'runs every 5 minutes' claim. The skill writes and reads files only in its DATA_DIR (defaults to ./data/live or ./data/sim), without modifying other skills or system-wide agent settings.