Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Polymarket Clob Microstructure

v1.0.0

Analyzes Polymarket order book microstructure for inefficiencies and generates signals to trade fake breakouts and manage position sizing.

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal: Benign
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill's name, description, SKILL.md and clob_microstructure.py align: it fetches Polymarket order books, scores microstructure, and can trade MEAN_REVERT signals via SimmerClient. However the registry summary at the top of the prompt claimed no required environment variables while both SKILL.md and clawhub.json require SIMMER_API_KEY — a discrepancy in metadata that should be corrected. Requesting an API key for Simmer is appropriate for trading functionality.
! Instruction Scope
SKILL.md instructs running clob_microstructure.py (cron every 5 minutes) and explicitly supports a --live mode to execute real trades; the script uses network calls to clob.polymarket.com and data-api.polymarket.com and invokes SimmerClient to place trades. The instructions and code permit autonomous periodic execution and live trading if the API key is present. SKILL.md claims the skill defaults to dry-run but gives the agent clear means to execute real trades — this increases risk if the skill is invoked without careful review.
Install Mechanism
There is no installer that downloads arbitrary code; the package is instruction-only with an included Python file. clawhub.json declares pip dependencies (simmer-sdk, requests) which are reasonable for the stated purpose. No external or untrusted download URLs are present.
! Credentials
The skill requires SIMMER_API_KEY (declared in SKILL.md and clawhub.json) which is appropriate for trading, but the top-level manifest reported 'Required env vars: none' — inconsistent metadata. The code also reads many optional CLOB_* and TRADING_VENUE environment variables (CLOB_LIQUIDITY_GAP, CLOB_IMBALANCE_THRESHOLD, CLOB_TRADE_SIZE, CLOB_MARKETS_TO_SCAN, CLOB_MIN_HOURS_TO_EXPIRY, CLOB_MAX_TRADES, etc.) that are not declared in the registry env list. Because this skill can perform actions with financial impact, ensure the SIMMER_API_KEY has limited permissions and that you understand how live mode is triggered.
Persistence & Privilege
always:false (not force-installed) and model invocation is allowed (normal). The skill can be scheduled (cron every 5 minutes) and, when invoked with --live and provided credentials, will place trades. Autonomous invocation combined with real-trade capability raises the operational risk (unexpected trades) but is not in itself a manifest privilege escalation—review invocation policies and restrict automatic runs if needed.
What to consider before installing
This skill appears to do what it claims (analyze order books and optionally trade) but there are important practical risks and metadata inconsistencies to consider before installing:
- Metadata mismatch: the registry summary that listed no required env vars is incorrect; SKILL.md and clawhub.json require SIMMER_API_KEY. Treat the latter as authoritative. Ask the publisher to correct registry metadata before trusting the package.
- Trading risk: with a valid SIMMER_API_KEY and running the script with --live, the skill will place real trades. Keep the API key scoped to minimal permissions and test thoroughly in dry-run mode first.
- Autonomy & scheduling: the skill is intended to run on a 5-minute cron. If you allow autonomous invocation or enable scheduled runs, ensure you have monitoring and limits (MAX_TRADES_PER_RUN, position caps) configured and that you understand how to abort live runs.
- Hidden env usage: the code reads several optional CLOB_* environment variables not declared in the registry; audit any environment variables you set and review the code (including the truncated portion) to ensure there are no unexpected network endpoints or exfiltration paths.
- Code review: before providing credentials, review the full Python file (the sample was truncated) for any unexpected network calls, logging of secrets, or code paths that could post data to unknown endpoints.

If you want to proceed: run in dry-run mode locally, confirm behavior, and limit the SIMMER_API_KEY permissions and schedule. If you prefer, ask the publisher to provide corrected metadata and a third-party security review.
