polymarket-telegram-picks

Key points before installing: - Metadata mismatch: the skill package metadata declares no required env vars, but SKILL.md and scripts require TELEGRAM_BOT_TOKEN and TELEGRAM_CHAT_ID (or a config/config.json). Ensure you provide these securely (prefer environment variables) and do not commit them to source control. - Code behavior: the scripts only fetch public Polymarket data and send messages to Telegram using your bot token. They do not exfiltrate other files or credentials. Still, review the code yourself to confirm it matches your expectations. - Optional env vars: run_daily.py checks OPENAI_API_KEY and POLYMARKET_DAILY_RAW_ONLY. OPENAI_API_KEY is not used by the included code currently (no LLM call is implemented), but could be referenced by future modifications—be cautious about placing sensitive API keys in an environment where third-party skills run. - Operational recommendations: run in an isolated environment or sandbox, set Telegram credentials as environment variables rather than config files, and avoid committing config/config.json to version control. Consider the legal/ethical implications of automated betting recommendations in your jurisdiction. - If you want to proceed: update the skill metadata to declare required env vars, or at minimum verify and store TELEGRAM_BOT_TOKEN and TELEGRAM_CHAT_ID securely; if you need strict assurance, run the scripts manually first to observe network calls and outputs. Confidence note: high — the code is straightforward and consistent with the described function, but the omitted required env vars and the presence of optional env checks are clear inconsistencies that justify a 'suspicious' label until clarified.