Back to skill
Skillv0.1.0
VirusTotal security
Polymarket Weather Trader · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 4:03 AM
- Hash
- 58ad24784b312f38336230c08cc14d8229b66f0436d8d20e1774b79160d91b45
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: weather-py Version: 0.1.0 The skill bundle is designed to trade Polymarket weather markets using NOAA forecasts via the Simmer API. All files (SKILL.md, status.py, weather_trader.py, config.json) align with this stated purpose. The `SKILL.md` provides clear instructions for the AI agent and user, without any evidence of prompt injection attempts to manipulate the agent into unauthorized actions. The Python scripts (`status.py`, `weather_trader.py`) legitimately access the `SIMMER_API_KEY` from environment variables to interact with `https://api.simmer.markets` and `https://api.weather.gov` for market data, portfolio information, and trade execution. Configuration is handled via `config.json` or environment variables, and the `--set` CLI argument for `weather_trader.py` uses controlled updates. There is no evidence of data exfiltration to unauthorized endpoints, malicious execution (e.g., `curl|bash`), persistence mechanisms beyond user-enabled cron scheduling, or obfuscation. The code's functionality is consistent with a legitimate trading automation tool.
- External report
- View on VirusTotal