Polymarket Copytrading
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This real-money copytrading skill is mostly purpose-aligned, but it needs review because it asks for trading credentials and the artifacts conflict about whether live mode can sell positions by default.
Install only if you are comfortable with automated crypto-market trading. Run dry-run mode first, use a separate low-balance wallet, set small trade limits, verify whether sell-on-whale-exit is enabled, and pin or verify the external SDK before providing live credentials.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
64/64 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user could enable live copytrading believing it is buy-only, while the skill may sell positions when followed wallets exit.
The same script documentation says both that it never sells by default and that whale-exit selling is enabled by default. SKILL.md also says sells require explicit flags, so the live sell behavior is materially unclear.
By default, runs in "buy only" mode ... never sells existing positions. ... Whale exit detection is ON by default (sell when whales exit)
Treat live mode as capable of selling until the default is verified. Start with dry runs and small limits, use `--no-whale-exits` if you need buy-only behavior, and ask the publisher to make sell defaults explicit and consistent.
Anyone, or any process, able to read the credential environment variables may be able to call trading functions or sign orders with the funded wallet.
A wallet private key can authorize real Polymarket trades, and the Simmer API key grants account access. This is expected for live trading but is high-impact credential use.
Ask for wallet private key ... Store in environment as `WALLET_PRIVATE_KEY` ... The SDK uses this to sign orders client-side automatically
Use a separate low-balance trading wallet, protect secrets with an environment/secret manager rather than chat, rotate API keys if exposed, and do not provide a private key unless you intend to enable live trading.
A future package update or compromised dependency could affect trading behavior or credential handling.
The dependency versions are minimum ranges rather than pinned versions or hashes. The setup instructions also use an upgrade-style pip install, so the exact SDK code handling trades may change over time.
simmer-sdk>=0.11.1
packaging>=20
Install only from a trusted environment, verify the Simmer SDK source, and prefer pinned versions with hashes for any wallet/private-key trading setup.
If configured for reactor or recurring operation, the skill may continue placing copy trades until stopped or until configured limits are reached.
The skill supports an event-driven mode that can keep polling for signals and mirroring trades. This is disclosed and aligned with copytrading, but it is autonomous financial activity.
Reactor mode ... Polls every 2s for pre-resolved whale signals
Keep autostart/cron disabled unless intended, monitor runs, set conservative max trade and max position limits, and stop the process when you no longer want automated trading.
