Skill v1.16.0

ClawScan security

Weather Trader · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Suspicious · Apr 7, 2026, 5:30 PM
Verdict: suspicious
Confidence: medium
Model: gpt-5-mini
Summary
The skill's code and runtime instructions match a weather-based trading bot, but there are inconsistencies between declared metadata and the actual files (missing declared env requirements and missing install instructions for declared dependencies) that the user should resolve before running live trades.
Guidance
This package appears to be a genuine weather-market trading bot, but several inconsistencies should make you cautious:
- Do not run with --live or provide API keys until you verify the code. The skill will make authenticated network calls to Simmer (and may interact with Polymarket) and can execute real trades.
- The registry metadata incorrectly states there are no required environment variables; the repository (clawhub.json and scripts/status.py) expects SIMMER_API_KEY and SKILL.md expects TRADING_VENUE in a .env. Confirm which credentials are required and where they will be used before supplying secrets.
- There is no explicit install spec even though clawhub.json lists a pip dependency (simmer-sdk). Expect to install external Python packages if you run the code; review the package(s) (simmer-sdk) separately for trustworthiness.
- Inspect weather_trader.py (the long entrypoint) and any modules that call external APIs to confirm there are no unexpected endpoints or credential exfiltration. Check how Polymarket live mode is implemented and whether it requires additional tokens or wallet signing.
- Run the code first in dry-run mode and with network blocked (or against a sandboxed / test account) to observe behavior and file writes (trades.jsonl, performance_snapshot.json) before connecting real funds.
If you want, I can: (a) list all places in the code that read environment variables or make network calls, (b) search weather_trader.py for lines that perform live trades or call external endpoints, or (c) highlight exactly which files/lines reference SIMMER_API_KEY and TRADING_VENUE.

Review Dimensions

Purpose & Capability
note: The name, SKILL.md, and included Python modules (ev_calculator.py, bayesian_update.py, maker_taker_arbiter.py, weather_trader.py, etc.) are coherent with a Polymarket/Simmer weather-trading bot. Requiring a Simmer API key (present in clawhub.json and referenced by scripts/status.py) is appropriate for the stated purpose. The main mismatch: the registry-level 'Requirements' block above lists no required environment variables, while clawhub.json and the code expect SIMMER_API_KEY and a pip dependency 'simmer-sdk'.
Instruction Scope
note: SKILL.md instructs running the local Python entrypoint (dry-run or --live) and fetching forecasts and market data. That scope is consistent with trading. The instructions explicitly enable real trades when run with --live and reference .env variables (TRADING_VENUE). The SKILL.md and code will make authenticated network calls to Simmer (https://api.simmer.markets) and may interact with Polymarket when configured; this is expected but high-impact, so users must not run with --live until credentials and behavior are inspected.
Install Mechanism
note: There is no formal install spec in the registry (instruction-only), which is lower risk, but clawhub.json declares a pip dependency ('simmer-sdk') and environment tunables. That means installing the skill in practice will require fetching an external Python package even though the registry provides no install step. This mismatch is an incoherence to clarify (no arbitrary download URLs were found in the files).
Credentials
concern: The code and clawhub.json reference SIMMER_API_KEY and SKILL.md references TRADING_VENUE/.env settings; these are proportional to a trading bot. However, the top-level registry metadata claims 'Required env vars: none' and 'Primary credential: none', which is incorrect. Also, SKILL.md mentions Polymarket live trading but the manifest does not declare any Polymarket credential variables; if Polymarket live trading requires additional credentials or wallet access, those are not declared. The missing/incorrect declaration of required secrets is a red flag that should be resolved before use.
Persistence & Privilege
ok: The skill is not force-included (always: false) and does not request system-wide persistent privileges. clawhub.json's automaton.managed: true and entrypoint are expected for a runnable skill. The skill writes/reads local files (trades.jsonl, performance_snapshot.json), which is consistent with a trading skill and declared behavior.