扫描报告
5 /100
polymarket-48h-sports-line-curve-trader
Trades structural mispricings in sports O/U markets by detecting probability curve violations on Polymarket
A legitimate Polymarket sports betting arbitrage trader with no malicious indicators; all capabilities match documented behavior and the skill safely defaults to paper trading.
可以安装
No action needed. This skill is safe to use. The SIMMER_API_KEY credential access is declared and necessary for trading functionality.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | NONE | NONE | — | No file read/write operations in code |
| 网络访问 | READ | READ | ✓ 一致 | trader.py:284-290 client.find_markets() calls simmer-sdk which makes API calls |
| 命令执行 | NONE | NONE | — | No subprocess/os.system/eval calls found |
| 环境变量 | READ | READ | ✓ 一致 | trader.py:43-50 reads SIMMER_* env vars for configuration |
| 技能调用 | NONE | NONE | — | No inter-skill invocation |
| 剪贴板 | NONE | NONE | — | No clipboard access |
| 浏览器 | NONE | NONE | — | No browser automation |
| 数据库 | NONE | NONE | — | No database access |
目录结构
3 文件 · 24.6 KB · 678 行 Python 1f · 471L
Markdown 1f · 120L
JSON 1f · 87L
├─
clawhub.json
JSON
├─
SKILL.md
Markdown
└─
trader.py
Python
依赖分析 1 项
| 包名 | 版本 | 来源 | 已知漏洞 | 备注 |
|---|---|---|---|---|
simmer-sdk | * | pip | 否 | Version not pinned; PyPI package from SpartanLabsXyz |
安全亮点
✓ No shell execution (subprocess, os.system, eval)
✓ No network calls to unknown external IPs
✓ No credential harvesting or exfiltration
✓ No base64 obfuscation or anti-analysis techniques
✓ Documentation accurately describes all functionality
✓ Safe paper trading default with explicit --live flag for real trades
✓ All dependencies declared in requirements (simmer-sdk)
✓ No access to sensitive paths (~/.ssh, ~/.aws, .env)
✓ No persistence mechanisms (cron, startup hooks)
✓ No prompt injection or jailbreak attempts