ClawHub

Polymarket Clob Microstructure

v2.0.6

Analyzes Polymarket CLOB order books to score liquidity gaps, order imbalance, whale activity, and fake breakouts, generating trading signals and fading fake...

0· 103·0 current·0 all-time
by@mibayy
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Pending
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the code: it fetches order books and trades MEAN_REVERT signals via SimmerClient. Declared dependency on simmer-sdk and requests is consistent with this functionality; required env var SIMMER_API_KEY is exactly what a trading client needs.
Instruction Scope
SKILL.md and the Python entrypoint focus on: fetching CLOB and trade data from polymarket endpoints, scoring markets, safety checks, and sending trades through SimmerClient. The instructions do not ask the agent to read unrelated files, secrets, or system paths, nor to post data to unexpected external endpoints.
Install Mechanism
clawhub.json lists pip packages (simmer-sdk, requests) so installation will pull from PyPI — this is expected and moderate risk. There is no download-from-arbitrary-URL or archive extraction. (The top-level metadata said 'no install spec' but clawhub.json contains pip requirements — the presence of pip deps is normal.)
Credentials
Only SIMMER_API_KEY (and optional TRADING_VENUE and a few CLOB_* tuning envs) are referenced. These are proportional to a trading bot that uses SimmerClient; the skill does not request unrelated secrets or multiple external credentials.
Persistence & Privilege
always is false and the skill is user-invocable. It does not request global or elevated privileges, nor does it modify other skills' configuration. Autonomous invocation is allowed (default) but not combined with other red flags.
Assessment
This skill appears coherent with its described purpose. Before enabling live trading: 1) Keep it in dry-run to observe signals and log output; 2) Confirm the permissions and behaviour of the Simmer account tied to SIMMER_API_KEY (what trade permissions and withdrawal/transfer rights it has); 3) Ensure the default TRADING_VENUE='sim' or avoid --live until you trust results; 4) Review and tune MAX_TRADES_PER_RUN / FADE_SIZE_USD to limit financial exposure; 5) Be aware pip dependencies will be installed from PyPI (simmer-sdk, requests). If you need higher assurance, audit the full clob_microstructure.py file (it’s included) and verify SimmerClient’s implementation separately.

Like a lobster shell, security has layers — review code before you run it.

latestvk97e2q55905b1tv3a9bgb0pbhd83a98g

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments