Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Polymarket Copytrading
v1.0.0
Mirror positions from top Polymarket traders using the Simmer API. Size-weighted aggregation across multiple wallets.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
OpenClaw
Verdict: Suspicious (high confidence)
Purpose & Capability
The code and SKILL.md consistently implement Polymarket copytrading via the Simmer SDK and require a Simmer API key — which is coherent with the described purpose. However the top-level registry summary in the evaluation input said "Required env vars: none", while clawhub.json and the code clearly require SIMMER_API_KEY and pip dependency simmer-sdk. That metadata mismatch is a red flag (likely a packaging/manifest mistake) and should be resolved before trusting the skill.
Instruction Scope
Runtime instructions and code stay within the stated scope: fetching whale positions, aggregating, planning trades server-side, and executing trades client-side via the Simmer SDK. The skill will call Simmer API endpoints (including POST /api/sdk/copytrading/execute) and may make marketplace changes (import markets, place trades, set risk monitors). It does not, from the visible code, attempt to read unrelated system files or exfiltrate data to third-party endpoints beyond simmer.markets.
Install Mechanism
There is no explicit install spec in the package, but requirements.txt and clawhub.json list the PyPI package simmer-sdk. That is a typical approach (pip install simmer-sdk). This is moderate-risk only because pip packages can contain arbitrary code — you should inspect or pin the simmer-sdk package/version before installing.
Credentials
The skill needs an API credential (SIMMER_API_KEY) which is directly relevant to its purpose, but the manifest inconsistency (registry-level said no env vars while clawhub.json and code require SIMMER_API_KEY and the SKILL.md documents SIMMER_COPYTRADING_* env vars) is concerning. The single API key grants the skill the ability to place real trades and set risk monitors on your Simmer account; that is powerful and directly affects funds. The code also reads TRADING_VENUE and AUTOMATON_MAX_BET from the environment although those are not declared at the top-level metadata. Treat the API key as highly sensitive and only supply it after reviewing the simmer-sdk and confirming the exact permissions/scope.
Persistence & Privilege
The manifest sets always:false and autostart:false. clawhub.json marks the automaton as managed with entrypoint copytrading_trader.py, but it does not force inclusion or automatic startup. The skill will be able to execute trades when invoked, but it does not request permanent 'always' privilege or attempt to modify other skills' configs in the provided code.
What to consider before installing
Key points before installing or running this skill:
- Metadata mismatch: The package manifest (clawhub.json and requirements.txt) requires SIMMER_API_KEY and the simmer-sdk package, but the evaluation header claimed no required env vars — assume SIMMER_API_KEY is required and verify the manifest before trusting the skill.
- Sensitive credential: SIMMER_API_KEY can be used to execute real trades and set monitors on your Simmer account. Only provide it after you:
  - Inspect or verify the simmer-sdk package version (simmer-sdk>=0.9.19) and its source (PyPI/GitHub). Prefer pinned, audited releases.
  - Run the skill in paper-trade mode first (use --venue sim or let it auto-fallback to $SIM) and always use --dry-run to view the planned trades.
- Test safely: Start with --dry-run and a small max_usd (or SIM $SIM paper trades) and review the trade plan produced by the server endpoint before allowing live execution.
- Review code: If you are not comfortable trusting the simmer-sdk package, inspect the library code (or run it in an isolated environment) to confirm that no unexpected network calls or credential exfiltration exist.
- Environment hygiene: Be aware that the skill reads additional env vars (TRADING_VENUE, AUTOMATON_MAX_BET, SIMMER_COPYTRADING_*) which were not declared in the top-level summary. Do not expose your primary production API key to untrusted or unanalyzed skills; consider creating a restricted/test API key if the platform supports it.
- If anything about the manifest, package source, or behavior is unclear, treat the skill as risky until resolved. The primary danger here is financial (unauthorized trades), not hidden malware; diligence and testing in paper mode mitigate most of the risk.
