Scan Report
This report was generated in Chinese. Some content may be in Chinese.
0 /100
polymarket-opportunities-scanning
Scan Polymarket prediction markets for book arbitrage opportunities, generate formatted report, deliver via Telegram and email
纯内置模块的 Polymarket 套利扫描工具,功能与文档完全一致,无恶意行为,无敏感操作。
Safe to install
可直接使用。无需额外安全控制。
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Network | READ | READ | ✓ Aligned | scripts/scanner.js:12 仅连接 Polymarket 公共 Gamma API |
| Filesystem | WRITE | WRITE | ✓ Aligned | scanner.js:206 写入 opportunities.json;send-report.js:11-15 读取 .env |
| Shell | WRITE | WRITE | ✓ Aligned | send-report.js:80 执行 node scanner.js;send-report.js:54 执行 osascript,均已在文档声明 |
| Environment | READ | READ | ✓ Aligned | send-report.js:11-15 仅读取 SMTP_TO/SMTP_USER 用于邮件发送 |
3 findings
Medium External URL 外部 URL
https://polymarket.com/event/... SKILL.md:65 Medium External URL 外部 URL
https://gamma-api.polymarket.com scripts/scanner.js:12 Medium External URL 外部 URL
https://polymarket.com/event/$ scripts/scanner.js:151 File Tree
4 files · 18.5 KB · 551 lines JavaScript 2f · 372L
Markdown 2f · 179L
├─
▾
references
│ └─
setup.md
Markdown
├─
▾
scripts
│ ├─
scanner.js
JavaScript
│ └─
send-report.js
JavaScript
└─
SKILL.md
Markdown
Security Positives
✓ 仅使用 Node.js 内置模块(fetch, fs, path, child_process),零外部依赖,无供应链风险
✓ 文档(SKILL.md)与代码行为完全一致,无阴影功能
✓ 网络请求仅限 Polymarket 官方公共 API,无第三方通信
✓ .env 加载仅用于邮件配置,未外传任何凭证
✓ osascript 仅用于本机 Apple Mail 邮件发送,调用链清晰
✓ 代码注释充分,逻辑透明,无混淆或编码执行