扫描报告
5 /100
polymarket-macro-risk-regime-trader
Detects macro risk regimes across Polymarket categories and trades lagging markets. Paper trading by default.
A legitimate Polymarket macro risk regime trading bot that defaults to safe paper trading mode, uses a standard SDK, and has no malicious indicators.
可以安装
This skill is safe to use. The paper trading default (venue="sim") ensures zero financial risk unless the explicit --live flag is passed.
安全发现 1 项
| 严重性 | 安全发现 | 位置 |
|---|---|---|
| 低危 | Unpinned dependency 供应链 | SKILL.md:95 |
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | NONE | NONE | — | No filesystem operations in code |
| 网络访问 | READ | READ | ✓ 一致 | SDK calls to Polymarket API (read-only market data) |
| 命令执行 | NONE | NONE | — | No subprocess/shell invocation |
| 环境变量 | READ | READ | ✓ 一致 | Reads SIMMER_* tunables only; SIMMER_API_KEY for auth |
| 技能调用 | NONE | NONE | — | No cross-skill invocation |
| 剪贴板 | NONE | NONE | — | No clipboard access |
| 浏览器 | NONE | NONE | — | No browser automation |
| 数据库 | NONE | NONE | — | No database access |
目录结构
3 文件 · 22.8 KB · 565 行 Python 1f · 364L
JSON 1f · 103L
Markdown 1f · 98L
├─
clawhub.json
JSON
├─
SKILL.md
Markdown
└─
trader.py
Python
依赖分析 1 项
| 包名 | 版本 | 来源 | 已知漏洞 | 备注 |
|---|---|---|---|---|
simmer-sdk | latest (unpinned) | PyPI | 否 | Legitimate trading SDK from Simmer Markets; version not pinned in metadata |
安全亮点
✓ Paper trading is the default mode (venue="sim") -- zero financial risk without --live flag
✓ All environment variables (SIMMER_*) are declared in SKILL.md with descriptions
✓ No shell execution, subprocess, or system command invocation
✓ No obfuscation (base64, eval, atob) detected
✓ No sensitive file access (~/.ssh, ~/.aws, .env)
✓ No credential exfiltration or data theft
✓ All trading operations properly gated by regime logic and context checks
✓ Source SDK (simmer-sdk) is from a legitimate PyPI package
✓ No hidden functionality -- code matches documentation