Scan Report
0 /100
polymarket-macro-weekend-momentum-trader
Trades altcoin (ETH/SOL/XRP) Up/Down markets based on BTC weekend price threshold momentum drift on Polymarket.
Legitimate Polymarket weekend momentum trading strategy with transparent paper-trading defaults and no malicious behavior detected.
Safe to install
No action needed. The skill is safe to use. Ensure SIMMER_API_KEY is stored securely and only use --live flag when you understand the financial risk.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | — | No file operations beyond loading the script itself |
| Network | NONE | READ | ✓ Aligned | SDK makes API calls to Polymarket; documented in SKILL.md |
| Shell | NONE | NONE | — | No subprocess or shell execution found |
| Environment | NONE | READ | ✓ Aligned | Reads SIMMER_* tunables and SIMMER_API_KEY; all are declared in SKILL.md and cla… |
| Skill Invoke | NONE | NONE | — | No cross-skill invocation |
| Clipboard | NONE | NONE | — | No clipboard access |
| Browser | NONE | NONE | — | No browser automation |
| Database | NONE | NONE | — | No database access |
File Tree
3 files · 24.9 KB · 645 lines Python 1f · 433L
Markdown 1f · 125L
JSON 1f · 87L
├─
clawhub.json
JSON
├─
SKILL.md
Markdown
└─
trader.py
Python
Dependencies 1 items
| Package | Version | Source | Known Vulns | Notes |
|---|---|---|---|---|
simmer-sdk | * | pip | No | Version not pinned; verify source is SpartanLabsXyz GitHub |
Security Positives
✓ Paper trading (venue='sim') is the safe default; real trades require explicit --live flag
✓ autostart=false and cron=null prevent unattended execution
✓ No subprocess, shell execution, or system command calls
✓ No base64, eval, or obfuscated code
✓ No sensitive path access (~/.ssh, ~/.aws, .env files)
✓ No credential harvesting beyond the required SIMMER_API_KEY for trading
✓ No network IOCs or suspicious external IP connections
✓ No persistence mechanisms (cron, startup hooks, backdoors)
✓ No prompt injection or hidden instructions
✓ Clear documentation of all tunable risk parameters
✓ Single, pinned dependency (simmer-sdk) from a known source
✓ Strategy logic is transparent and matches documentation