扫描报告
5 /100
polymarket-geopolitics-sentiment-reversal-trader
Trades mean reversion on Polymarket geopolitical prediction markets at probability extremes (>92% or <8%) using a staleness factor based on days-to-resolution
A legitimate Polymarket mean-reversion trading skill with transparent documentation, paper-trading defaults, and no malicious behavior detected.
可以安装
No action required. The skill is safe to use with proper API key protection.
| 资源类型 | 声明权限 | 推断权限 | 状态 | 证据 |
|---|---|---|---|---|
| 文件系统 | NONE | READ | ✓ 一致 | Skill only reads its own source files for execution |
| 网络访问 | READ | READ | ✓ 一致 | API calls through simmer-sdk to Polymarket are documented and necessary |
| 命令执行 | NONE | NONE | — | No subprocess or shell execution found |
| 环境变量 | NONE | READ | ✓ 一致 | Only reads SIMMER_* prefixed env vars for configuration |
目录结构
3 文件 · 23.6 KB · 591 行 Python 1f · 300L
Markdown 1f · 162L
JSON 1f · 129L
├─
clawhub.json
JSON
├─
SKILL.md
Markdown
└─
trader.py
Python
依赖分析 1 项
| 包名 | 版本 | 来源 | 已知漏洞 | 备注 |
|---|---|---|---|---|
simmer-sdk | latest | pip (PyPI) | 否 | Legitimate trading SDK by SpartanLabsXyz, version not pinned in project |
安全亮点
✓ Paper trading (venue=sim) is the default with zero financial risk
✓ Explicit --live flag required for real Polymarket trades
✓ All parameters declared as tunables with sensible defaults
✓ Uses a well-documented PyPI package (simmer-sdk) with pinned version
✓ No shell execution, subprocess, or system command calls
✓ No sensitive file access (~/.ssh, ~/.aws, .env)
✓ No obfuscation (base64, eval, encoded payloads)
✓ No external network calls to suspicious IPs
✓ Comprehensive SKILL.md with full strategy documentation
✓ No credential harvesting beyond the API key required for trading
✓ Safety guards: max position $40, max 6 concurrent positions