v2.0.6

Polymarket Clob Microstructure

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 7:49 AM.

Analysis

The skill is coherent for Polymarket analysis, but it can use a Simmer API key to run on a schedule and place live trades, so it needs careful review before enabling live mode.

Guidance: Treat this as an automated trading bot, not just an analyzer. Keep it in dry-run or simulation until you have reviewed the code and strategy, use a restricted API key, verify the trading venue, set external account limits, and monitor or disable the cron job when not actively using it.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High | Confidence: High | Status: Concern
SKILL.md
- Runs every 5 minutes via cron
- Defaults to dry-run; pass `--live` for real execution
...
The bot only trades on MEAN_REVERT signals, fading fake breakouts via SimmerClient.

The skill explicitly supports scheduled live trading through an external client. This is purpose-aligned, but live automated trades are high-impact and the instructions do not describe per-trade approval.

User impact: If live mode is enabled, the bot may place trades automatically and repeatedly, which can create financial exposure or losses.
Recommendation: Use dry-run or simulation first, review the strategy and code, set account-level trading limits, and only enable live mode with a restricted key and an amount you are prepared to risk.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
clawhub.json
"requires": {
  "pip": [
    "simmer-sdk",
    "requests"
  ],
  "env": [
    "SIMMER_API_KEY"
  ]
}

The skill depends on external pip packages without version pins. That is common and purpose-aligned here, but it leaves package provenance and version changes to the installer.

User impact: Installation may pull whatever current versions of these packages are available, which can change behavior over time.
Recommendation: Prefer pinned, reviewed dependency versions and confirm the `simmer-sdk` package source before installing.

Rogue Agents
Severity: Medium | Confidence: High | Status: Note
clawhub.json
"cron": "*/5 * * * *",
"automaton": {
  "entrypoint": "clob_microstructure.py",
  "managed": true
}

The skill is configured as a recurring managed automaton. This persistence is disclosed and matches the trading-bot purpose, but users should recognize it will continue running on a schedule.

User impact: The bot may keep scanning, and in live mode potentially keep trading, until the scheduled automaton is disabled.
Recommendation: Monitor scheduled runs and disable the cron/automaton when you no longer want the strategy active.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: High | Confidence: High | Status: Concern
clob_microstructure.py
_client = SimmerClient(
    api_key=os.environ["SIMMER_API_KEY"],
    venue=os.environ.get("TRADING_VENUE", "sim")
)

The code uses an API key to create a trading client and selects a venue from the environment. This is expected for the bot, but it grants account authority and can affect real trading if pointed at a live venue.

User impact: The skill can act with the privileges of the provided Simmer API key, including trading authority if that key and venue allow it.
Recommendation: Provide only a least-privilege or simulation-only key where possible, verify the selected venue, and avoid using broad account credentials for automated strategies.