Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Polymarket Weather Trader

v1.0.0

Trade Polymarket weather markets using NOAA (US) and Open-Meteo (international) forecasts via Simmer API. Inspired by gopfan2's $2M+ strategy. Use when user...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto: Requires wallet
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal
Benign
OpenClaw
Suspicious
medium confidence
Purpose & Capability
The skill's stated goal (trading Polymarket using Simmer forecasts) aligns with the code: it calls NOAA/Open-Meteo and the Simmer API and requires the simmer-sdk. However, SKILL.md instructs the user to provide and store a wallet private key (WALLET_PRIVATE_KEY) for live trading, while the bundle metadata (clawhub.json and the top-level registry summary) either omits or inconsistently lists the required env vars. Asking for a private key is plausible for live automated trading, but the credential is not declared consistently in the skill manifest, which is both an incoherence and a security concern.
Instruction Scope
Runtime instructions explicitly tell the agent to ask for and store sensitive secrets (SIMMER_API_KEY and a wallet private key) and to save many runtime tunables as environment variables; they also advise setting up cron for scheduled runs. Collecting and storing private keys in environment variables is risky, and the instructions do not offer secure alternatives (e.g., hardware wallet, local signing, ephemeral signing). SKILL.md gives the agent broad authority to 'save settings to environment variables', which could lead to secrets being persisted in the agent runtime environment without adequate safeguards.
Install Mechanism
There is no download/install script in the bundle (instruction-only plus code files), which reduces some risk. clawhub.json declares a pip dependency on 'simmer-sdk' — a normal package installable from PyPI (moderate risk typical of pip packages). There is an inconsistency between the top-level 'Requirements' summary (which claimed no required env vars) and clawhub.json (which lists SIMMER_API_KEY), but there are no download-from-unknown-URL install steps or archive extraction in the package.
Credentials
The skill requires and documents many tunable env vars (entry/exit thresholds, sizing, vol targeting), which is reasonable for a trading bot. The notable issue: SKILL.md instructs the user to supply WALLET_PRIVATE_KEY (sensitive) for live trading, but the manifest does not clearly declare this required credential. The bundle's recorded requirements are inconsistent, and the runtime guidance to store private keys in environment variables is disproportionately risky relative to the stated description unless the user is explicitly warned and given safer alternatives.
Persistence & Privilege
'always: false' and 'autostart: false' minimize forced persistence. The automation is marked 'managed' with an entrypoint of weather_trader.py, meaning the system can run the script when invoked, and the skill supports scheduling (the user must enable cron). Autonomous invocation is allowed (platform default). Combined with the request for a wallet private key, this increases the potential impact (automated trades if enabled), so users should be cautious before providing live-trading credentials or enabling scheduling.
What to consider before installing
This skill appears to implement a coherent weather-trading bot, but there are important red flags you should address before installing or providing secrets:

- Do not paste your main wallet private key into an environment variable without understanding how it will be used and stored. SKILL.md asks for WALLET_PRIVATE_KEY for live trading but the package manifest does not consistently declare it; ask the author why the credential is omitted from the declared requirements and how the key is consumed.
- Prefer safer signing methods: hardware wallet, ephemeral signing, or local-only signing; if the Simmer SDK supports injecting a signing callback rather than reading a raw private key, use that.
- Run in dry-run mode first (the script supports a non-live/dry-run mode) and inspect its behavior. Use a dedicated, funded test/trading wallet with minimal funds if you must test live trading.
- Audit the 'simmer-sdk' package source (PyPI/GitHub) before installing; verify the package is official and inspect what it does with API keys and private keys.
- Because the skill can be scheduled/autonomous, avoid enabling cron/autostart until you trust its operation and secrets handling.
- Ask the skill author to: (1) explicitly declare all required environment variables (including WALLET_PRIVATE_KEY if needed), (2) document how private keys are used/stored and whether they are transmitted anywhere, and (3) provide secure signing alternatives or documented instructions for minimizing risk.

If you are not comfortable providing a private key or enabling automated trading, do not install, or do not enable live/scheduled mode. If you proceed, use limited funds and rotate keys after testing.
