Scan Report
5 /100
polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
Polymarket 预测市场查询技能,功能实现与文档声明完全一致,无恶意行为迹象,权限使用合理。
Safe to install
可直接使用。所有操作符合声明,无敏感文件访问、无凭证收割、无数据外泄。
Findings 1 items
| Severity | Finding | Location |
|---|---|---|
| Low | 依赖无版本上限 Supply Chain | scripts/polymarket.py:6 |
| Resource | Declared | Inferred | Status | Evidence |
|---|---|---|---|---|
| Filesystem | WRITE | WRITE | ✓ Aligned | scripts/polymarket.py:33 DATA_DIR = Path.home() / '.polymarket' |
| Network | READ | READ | ✓ Aligned | scripts/polymarket.py:44 requests.get(url, params=params, timeout=30) |
| Shell | NONE | NONE | — | scripts/polymarket.py 无subprocess/os.system调用 |
| Environment | NONE | NONE | — | scripts/polymarket.py 无os.environ访问 |
| Skill Invoke | NONE | NONE | — | 禁用自主调用,_meta.json: disable-model-invocation: true |
| Clipboard | NONE | NONE | — | 无剪贴板操作 |
| Browser | NONE | NONE | — | 无浏览器自动化 |
| Database | NONE | NONE | — | 无数据库操作 |
4 findings
Medium External URL 外部 URL
https://polymarket.com SKILL.md:4 Medium External URL 外部 URL
https://telegra.ph/How-Building-a-Weather-Polymarket-Bot-with-OpenClaw-Skill-and-turn-100--8000-Step-by-Step-Guide-02-28... SKILL.md:14 Medium External URL 外部 URL
https://gamma-api.polymarket.com SKILL.md:220 Medium External URL 外部 URL
https://docs.polymarket.com SKILL.md:221 File Tree
3 files · 47.9 KB · 1529 lines Python 1f · 1276L
Markdown 1f · 248L
JSON 1f · 5L
├─
▾
scripts
│ └─
polymarket.py
Python
├─
_meta.json
JSON
└─
SKILL.md
Markdown
Dependencies 1 items
| Package | Version | Source | Known Vulns | Notes |
|---|---|---|---|---|
requests | >=2.28.0 | pip | No | 无版本上限锁定,但库相对安全 |
Security Positives
✓ SKILL.md 与代码实现高度一致,无文档欺骗
✓ disable-model-invocation: true 防止自主执行
✓ 无凭证收割、无敏感路径访问
✓ 无 shell 执行、无数据外泄
✓ 代码清晰可读,无混淆
✓ 仅使用公开的 Polymarket Gamma API
✓ 模拟交易完全本地化,不涉及真实金融操作
✓ 使用 Type Hints 和完整文档字符串