Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Polymarket Fast Loop

v1.0.0

Trade Polymarket BTC 5-minute and 15-minute fast markets using CEX price momentum signals via Simmer API. Default signal is Binance BTC/USDT klines. Use when...

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
Crypto · Requires wallet
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
VirusTotal
Benign
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The skill's code and SKILL.md align with the stated purpose (it uses the Simmer SDK, polls the Polymarket CLOB, and reads CEX price signals). However, the registry-level metadata (top-level 'Required env vars: none') is inconsistent with clawhub.json and SKILL.md, which require SIMMER_API_KEY and list a pip dependency (simmer-sdk). This mismatch is a red flag about packaging and metadata hygiene, but it is not evidence of malicious behavior by itself.
Instruction Scope
SKILL.md explicitly instructs the user to provide a WALLET_PRIVATE_KEY and store it in the environment for live trading; the code will run scheduled loops and make HTTP requests to external services (Simmer, Binance/CoinGecko, Polymarket CLOB) and may write local files (daily_spend.json). Requesting the wallet private key is plausible for client-side signing but is high-risk: the instructions tell users to place a private key into an env var (no guidance on secure handling or least-privilege wallets). The SKILL.md also offers running as cron/heartbeat which increases persistence/automation scope.
Install Mechanism
There is no explicit installer spec in the registry entry, but clawhub.json declares a pip dependency 'simmer-sdk'. Installing a PyPI package is standard for this purpose but carries the usual supply-chain risk: verify the simmer-sdk package provenance before pip installing. Because this is instruction+code delivered in the skill bundle, there is no remote arbitrary archive download; risk is moderate and typical for SDK-based tools.
Credentials
The skill legitimately needs a SIMMER_API_KEY (declared in clawhub.json and SKILL.md) and may need a wallet private key for live trading. Those credentials are proportionate to the trading function, but: (1) SKILL.md asks the user to store the private key in an env var, which is a sensitive practice; (2) the code and SKILL.md use several differently named env/config keys (e.g., SIMMER_SPRINT_SIGNAL vs SIMMER_FASTLOOP_* vs SIMMER_SPRINT_*), which is inconsistent and could cause misconfiguration or accidental leakage; and (3) there is no guidance on scoping the SIMMER_API_KEY or on using a wallet key with restricted signing capabilities. Users should not expose a full hot-wallet key without understanding the risk.
Persistence & Privilege
always:false and user-invocable: true (normal). The skill writes local state (daily_spend.json) and is designed to be scheduled (clawhub.json automaton entrypoint), which is expected for a trading bot. It does not request always:true or system-wide config changes. No evidence it modifies other skills' configurations.
Scan Findings in Context
[clawhub.requires.env.SIMMER_API_KEY] expected: clawhub.json declares SIMMER_API_KEY in requires.env — this matches the SKILL.md and code which require a Simmer API key to instantiate SimmerClient.
[clawhub.requires.pip.simmer-sdk] expected: clawhub.json lists pip dependency 'simmer-sdk'. That is expected for a skill that uses SimmerClient, but you should validate the package source and version before installing.
[pre-scan.injection.signals] unexpected: No pre-scan injection signals were detected. Absence of findings is not proof of safety; the code itself requests sensitive credentials and makes network calls consistent with trading functionality.
What to consider before installing
Key points to consider before installing or using this skill:

- Credential risk: the skill asks you to place a WALLET_PRIVATE_KEY into an environment variable for live trading. Environment variables are readable by any process running as the same user and are inherited by child processes, so they leak easily. Prefer a dedicated wallet holding minimal funds, or a signing service that restricts which operations the key can authorize. Do not put a main or exchange hot-wallet private key on a shared host or in CI without strong controls.
- Verify dependencies and provenance: clawhub.json declares a pip dependency 'simmer-sdk'. Confirm that the simmer-sdk package on PyPI (or wherever you install from) is the intended, trusted package, check its maintainers, and pin the version you reviewed.
- Metadata inconsistencies: the registry summary claims no required env vars, while clawhub.json and SKILL.md require SIMMER_API_KEY and possibly WALLET_PRIVATE_KEY. This mismatch suggests sloppy packaging; review the code before running it and prefer a dry run first.
- Run in dry-run mode in an isolated environment: start with python fastloop_trader.py (the dry run) and inspect the logs. Run the skill in a container or VM with limited network access, limited credentials and small budgets to confirm its behavior.
- Limit live risk: use small max_position and daily_budget values, a dedicated wallet with limited funds and restricted signing capabilities, rotate keys, and audit the transactions the bot makes.
- Review the full code: fastloop_trader.py makes network calls to external APIs and writes local files. If you are not comfortable auditing Python, have a developer check it for hidden exfiltration or unexpected endpoints before you provide any private key.
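As an added example (not code from the skill, from the scan, or from ClawHub), the following script does the cross-check the points above ask for: it compares the env vars declared in clawhub.json with the ones the Python source actually reads and the ones SKILL.md tells the user to set, flags secret-bearing names, groups names by prefix so competing schemes such as SIMMER_SPRINT_* and SIMMER_FASTLOOP_* stand out, and lists every external host in the code against an allowlist. The JSON layout of clawhub.json (a requires.env list), the allowed-host list, and all three sample files are assumptions constructed for the demo; the telemetry host in the sample is invented to show what the allowlist check flags and is not something the page reports about the real skill.

```python
"""Pre-install cross-check of a skill bundle: manifest vs. code vs. SKILL.md.

Added example for this scan page, not code from the Polymarket Fast Loop
skill or from ClawHub. Assumed: clawhub.json has a requires.env list, the
code reads settings via os.environ/os.getenv, and SKILL.md names env vars
in SCREAMING_SNAKE_CASE. The sample files below are constructed.
"""
import json
import re
from urllib.parse import urlparse

# os.environ["X"], os.environ.get("X", ...) and os.getenv("X", ...)
ENV_READ_RE = re.compile(
    r'os\.(?:environ(?:\.get)?|getenv)\s*[\[(]\s*["\']([A-Z][A-Z0-9_]*)["\']')
# Upper-case names with at least one underscore, e.g. "export WALLET_PRIVATE_KEY"
DOC_ENV_RE = re.compile(r'\b([A-Z][A-Z0-9]*(?:_[A-Z0-9]+)+)\b')
URL_RE = re.compile(r'https?://[^\s"\'<>)]+')
SECRET_HINTS = ("PRIVATE_KEY", "API_KEY", "SECRET", "TOKEN", "PASSWORD")
# Hosts the scan says a bot like this legitimately contacts (assumed list;
# add the Simmer API host once you have confirmed it from the SDK source).
ALLOWED_HOSTS = ("binance.com", "polymarket.com", "coingecko.com")


def host_allowed(host):
    """Exact or dot-boundary suffix match, so evilbinance.com is not allowed."""
    return any(host == a or host.endswith("." + a) for a in ALLOWED_HOSTS)


def declared_env(clawhub_json):
    return set(json.loads(clawhub_json).get("requires", {}).get("env", []))


def env_read_by_code(source):
    return set(ENV_READ_RE.findall(source))


def env_named_in_docs(markdown):
    return set(DOC_ENV_RE.findall(markdown))


def hosts_contacted(source):
    return {urlparse(u).hostname for u in URL_RE.findall(source)}


def naming_families(names):
    """Group by the first two tokens, so SIMMER_SPRINT_* and SIMMER_FASTLOOP_*
    surface as two competing prefixes for what should be one setting."""
    families = {}
    for name in names:
        key = "_".join(name.split("_")[:2])
        families.setdefault(key, set()).add(name)
    return families


def audit(clawhub_json, skill_md, source):
    declared = declared_env(clawhub_json)
    in_code = env_read_by_code(source)
    in_docs = env_named_in_docs(skill_md)
    hosts = hosts_contacted(source)
    every = declared | in_code | in_docs
    return {
        "declared": declared,
        # the code reads these, but the manifest never declared them
        "read_but_undeclared": in_code - declared,
        # SKILL.md tells the user to set these, but no code path reads them
        "documented_but_unread": in_docs - in_code,
        "secrets": {n for n in every if any(h in n for h in SECRET_HINTS)},
        "families": naming_families(every),
        "hosts": hosts,
        "hosts_outside_allowlist": {h for h in hosts if not host_allowed(h)},
    }


# --- constructed sample bundle (not the real skill) -------------------------
SAMPLE_CLAWHUB_JSON = json.dumps(
    {"name": "sample-fast-loop",
     "requires": {"env": ["SIMMER_API_KEY"], "pip": ["simmer-sdk"]}})

SAMPLE_SKILL_MD = """\
Set SIMMER_API_KEY before running.
For live trading, export WALLET_PRIVATE_KEY in your shell.
Optional: SIMMER_SPRINT_SIGNAL=binance selects the price feed.
"""

# The telemetry host is invented to exercise the allowlist check.
SAMPLE_SOURCE = '''\
import os, requests
api_key = os.environ["SIMMER_API_KEY"]
private_key = os.getenv("WALLET_PRIVATE_KEY")
signal = os.environ.get("SIMMER_FASTLOOP_SIGNAL", "binance")
budget = float(os.getenv("SIMMER_SPRINT_DAILY_BUDGET", "20"))
klines = requests.get("https://api.binance.com/api/v3/klines").json()
book = requests.get("https://clob.polymarket.com/book").json()
requests.post("https://telemetry.example.net/collect", json=klines)
'''

if __name__ == "__main__":
    report = audit(SAMPLE_CLAWHUB_JSON, SAMPLE_SKILL_MD, SAMPLE_SOURCE)
    for key, value in report.items():
        print(f"{key}: {sorted(value) if isinstance(value, set) else value}")
```

To run it against a real bundle, replace the three sample strings with the contents of clawhub.json, SKILL.md and fastloop_trader.py read from disk. A non-empty hosts_outside_allowlist or documented_but_unread set is exactly the kind of finding to resolve before any private key goes into the environment; the regex-based env extraction will miss indirect reads (for example a config loader that builds names at runtime), so treat an empty result as a prompt to read the code, not as a clean bill.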


latest: vk97ba7stjtxdt3pdzf7cz1xszx846t50
