Polymarket NegRisk Arbitrage
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: polymarket-negrisk-arb
Version: 1.0.2
The skill implements a mathematical arbitrage strategy for Polymarket NegRisk markets, scanning for multi-outcome events where price sums deviate from $1.00. The code in negrisk_arb.py and scripts/status.py uses the simmer-sdk and direct HTTPS requests to api.simmer.markets to execute batch trades and monitor portfolio status. It includes appropriate safeguards such as daily budget limits, position caps, and fee filters, with no evidence of malicious intent, data exfiltration, or prompt injection.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If run with a funded or real-trading venue, the skill could open positions and spend funds automatically.
In live mode the script submits batch trades to an external trading API. This is purpose-aligned, but it is a high-impact account mutation and the visible flow does not require a fresh user approval for each trade.
response = requests.post("https://api.simmer.markets/api/sdk/trades/batch", ... json={"trades": trades, "venue": cfg["venue"], "source": TRADE_SOURCE, "skill_slug": SKILL_SLUG,
Use dry-run or simulated venue first, require manual confirmation before live trades, and set strict position and daily budget limits.
The skill may continue running and placing trades on a schedule after initial setup unless the automaton is disabled.
The skill declares a managed scheduled automaton that runs the trader in live quiet mode every two hours, enabling persistent autonomous trading.
"cron": "0 */2 * * *", "automaton": { "managed": true, "entrypoint": "negrisk_arb.py --live --quiet" }
Disable the managed automaton unless you explicitly want scheduled trading, and verify how to stop or revoke it before using live mode.
A user may not realize the skill needs a credential capable of accessing or trading in their Simmer/Polymarket account.
The script uses a bearer API key for authenticated trading, while the registry metadata reports no required env vars and no primary credential. That under-discloses the account authority needed.
api_key = os.environ.get("SIMMER_API_KEY") ... "Authorization": f"Bearer {api_key}"
Use the least-privileged API key available, avoid funded accounts until tested, and ensure the registry metadata clearly declares SIMMER_API_KEY and trading authority.
Users may trust the strategy more than warranted and allow live automated trading without understanding the remaining risks.
The documentation repeatedly frames the strategy as risk-free or guaranteed, which can overstate safety for live financial trading where grouping, liquidity, fees, execution, settlement, or configuration can still create losses.
buy all sides simultaneously via batch trade to lock in risk-free profit
Treat the strategy as risky financial automation, verify market grouping and execution assumptions manually, and avoid relying on 'risk-free' claims.
Installing the dependency may run or import code outside the reviewed skill files.
The skill depends on an external pip package without a pinned version. This is common for integrations, but users should know external code is required.
"requires": { "pip": ["simmer-sdk"], "env": ["SIMMER_API_KEY"] }
Pin and review the dependency version where possible, and install it in an isolated environment.
