v2.0.5

Polymarket Kalshi Divergence

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 7:38 AM.

Analysis

This is a disclosed trading automaton, but live mode can place real Polymarket trades on a recurring schedule using a Simmer API key.

Guidance: Install only if you intend to run an automated trading workflow. Leave it in dry-run or simulated mode first, verify market matching and thresholds, use a restricted API key and limited funds, and do not enable live scheduled trading unless you are comfortable with automatic repeated trades and possible financial loss.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: High | Confidence: High | Status: Concern
SKILL.md
Runs every 5 minutes via cron (`*/5 * * * *`). Managed automaton (auto-executes on schedule). Dry-run by default. Pass `--live` to execute real trades.

The artifacts clearly disclose scheduled automation and real trade execution in live mode. Because trades can spend funds and the artifacts do not describe per-trade approval or aggregate exposure limits, this is high-impact authority users should review before enabling.

User impact: If configured for live trading, the skill could place repeated real-money prediction-market trades without asking the user each time.
Recommendation: Keep it in dry-run or simulated mode until verified. If enabling live mode, use small balances, add explicit per-trade approval or strict daily/position limits, and monitor logs closely.

Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
clawhub.json
"pip": [
  "simmer-sdk",
  "requests"
]

The skill depends on external Python packages and does not pin versions. This is normal for an API integration, but dependency changes could affect a financial trading automaton.

User impact: Future or compromised package versions could change behavior in a tool that may place trades.
Recommendation: Pin dependency versions, review the dependency sources, and reinstall only from trusted package indexes.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Medium | Confidence: High | Status: Concern
kalshi_divergence.py
_client = SimmerClient(
    api_key=os.environ["SIMMER_API_KEY"],
    venue=os.environ.get("TRADING_VENUE", "sim")
)

The script uses a Simmer API key and a venue selector. This is expected for the stated purpose, but it grants account-level authority that can become real trading authority when the venue/live settings are changed.

User impact: A Simmer API key with real trading permissions could allow the automaton to spend funds or alter positions through the linked account.
Recommendation: Use the least-privileged or paper-trading credential available, keep only limited funds exposed, rotate the key if needed, and confirm the installed skill metadata clearly declares this credential requirement.