Scan Report
5 /100
polymarket-bundle-esports-tempo-trader
Trades tempo inconsistencies across Dota2/esports game props on Polymarket
A legitimate Polymarket esports trading bot with a small, clean codebase. No malicious patterns detected. Paper-trading by default with no shell execution, credential theft, obfuscation, or undeclared behavior.
Safe to install
No action needed. The skill is safe to use with standard caution: treat SIMMER_API_KEY as a high-value credential and never run with --live unless financial risk is understood.
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | NONE | NONE | — | No file reads or writes in trader.py |
| Network | READ | READ | ✓ Aligned | trader.py:325-338 find_markets() calls client.find_markets() and client.get_mark… |
| Shell | NONE | NONE | — | No os.system, subprocess, popen, or exec calls found |
| Environment | READ | READ | ✓ Aligned | trader.py:40-49 reads SIMMER_* vars from os.environ for configuration |
| Skill Invoke | NONE | NONE | — | No dynamic skill invocation |
| Clipboard | NONE | NONE | — | No clipboard access |
| Browser | NONE | NONE | — | No browser/Selenium/playwright usage |
| Database | NONE | NONE | — | No database access |
File Tree
3 files · 32.4 KB · 833 lines Python 1f · 643L
Markdown 1f · 103L
JSON 1f · 87L
├─
clawhub.json
JSON
├─
SKILL.md
Markdown
└─
trader.py
Python
Dependencies 1 items
| Package | Version | Source | Known Vulns | Notes |
|---|---|---|---|---|
simmer-sdk | * | pip (PyPI) | No | Version not pinned; sourced from PyPI |
Security Positives
✓ Clean, small codebase (643 lines Python, 3 files) with no obfuscation or suspicious patterns
✓ Paper-trading by default (venue='sim') with explicit --live flag required for real trades
✓ No shell execution, subprocess, or system command invocation
✓ No credential theft or environment variable harvesting beyond the declared SIMMER_API_KEY
✓ No base64 encoding, eval, or dynamic code execution
✓ No sensitive file access (~/.ssh, ~/.aws, .env)
✓ No external IOCs or C2 indicators
✓ Thorough documentation with safety table and explicit financial risk disclosures
✓ Risk parameter tunables are all declared and adjustable via UI