Vincent - Trade Manager

Pass

Audited by ClawScan on May 10, 2026.

Overview

This skill is coherent and purpose-aligned, but it gives a backend trading system ongoing authority to monitor Polymarket positions and automatically sell when user-created rules trigger.

Install/use this only if you trust the Vincent backend and @vincentai CLI for financial automation. Pin or verify the CLI package where possible, create narrowly scoped rules, check key and policy settings, and regularly review or cancel active rules.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A misconfigured rule could sell an entire Polymarket position automatically.

Why it was flagged

The skill can cause trades to be executed automatically when a configured rule triggers. This is expected for a trade manager, but it is high-impact account mutation.

Skill content

automatically executes trades when price conditions are met

Recommendation

Only create rules you understand, double-check market IDs/token IDs and trigger prices, and review the event log after activation.

What this means

Anyone or any agent workflow using the relevant key ID could create, update, or cancel automated exit rules if otherwise authorized.

Why it was flagged

The skill relies on existing Polymarket/Vincent account authority to manage positions. This is purpose-aligned, but the authority can affect financial positions.

Skill content

Uses the same API key as the Polymarket skill

Recommendation

Use the least-privileged key available, keep key IDs private, and confirm Vincent policy limits and approvals before enabling automated execution.

What this means

A future CLI version or package provenance issue could change what commands do compared with this reviewed artifact.

Why it was flagged

The documented commands execute the latest version of an external npm CLI package rather than a pinned version. That is common for CLI-based skills, but it means behavior can change over time.

Skill content

npx @vincentai/cli@latest trade-manager create-rule

Recommendation

Prefer a pinned, trusted CLI version when possible and verify the package source before using it for trading automation.

What this means

Your active rules, trigger prices, and execution history may be retained by the Vincent backend.

Why it was flagged

Trading rules and event history are persisted in a backend database. This is necessary for ongoing monitoring, but it stores user trading state beyond the immediate chat/session.

Skill content

Stores rules and events in the Vincent database

Recommendation

Review Vincent’s data retention/access controls and avoid creating rules that reveal strategies you are not comfortable storing there.

Note
High Confidence
ASI10: Rogue Agents

What this means

Rules may trigger after the original session ends, changing positions without another direct prompt at trigger time unless approval policies require it.

Why it was flagged

The skill is designed to keep monitoring and act later through a backend worker. This is disclosed and purpose-aligned, but it is persistent autonomous behavior.

Skill content

The Trade Manager monitors prices in real-time via WebSocket (with polling as fallback)

Recommendation

Periodically list active rules, cancel stale rules, and confirm that approval/spending-limit policies match your risk tolerance.