扫描报告
5 /100
polymarket-legal-regulatory-trader
Trades Polymarket legal and regulatory prediction markets using conviction-based sizing with documented legal base rates
Legitimate Polymarket trading bot using the Simmer SDK with clear safety defaults (paper trading), no shell execution, no sensitive file access, and no obfuscation.
可以安装
No action needed. The skill is a standard prediction market trading bot with documented behavior matching implementation.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | NONE | NONE | — | No file read/write operations found |
| 网络访问 | NONE | NONE | — | Uses SimmerClient SDK for API calls only |
| 命令执行 | NONE | NONE | — | No subprocess or shell execution |
| 环境变量 | READ | READ | ✓ 一致 | trader.py:49-57 - reads SIMMER_* vars and SIMMER_API_KEY only |
| 技能调用 | NONE | NONE | — | No skill invocation |
| 剪贴板 | NONE | NONE | — | No clipboard access |
| 浏览器 | NONE | NONE | — | No browser access |
| 数据库 | NONE | NONE | — | No database access |
目录结构
3 文件 · 18.0 KB · 439 行 Python 1f · 271L
Markdown 1f · 100L
JSON 1f · 68L
├─
clawhub.json
JSON
├─
SKILL.md
Markdown
└─
trader.py
Python
依赖分析 1 项
| 包名 | 版本 | 来源 | 已知漏洞 | 备注 |
|---|---|---|---|---|
simmer-sdk | * | pypi | 否 | Version not pinned; known publisher (SpartanLabsXyz) |
安全亮点
✓ No shell execution or subprocess calls
✓ No sensitive file access (~/.ssh, ~/.aws, .env)
✓ No base64 encoding or code obfuscation
✓ Clear safety documentation: paper trading is the default mode
✓ Explicit --live flag required for real trades
✓ Straightforward, readable code with clear comments
✓ Uses standard environment variable pattern for configuration
✓ No data exfiltration or C2 communication
✓ No hidden functionality or doc-to-code mismatch