Security scan
OpenClaw
Suspicious
medium confidence
Assessment recommendations
This skill appears to implement what it claims, but review and harden before use. Key actions to consider: 1) Don't put your wallet private key in env unless you understand the risk; prefer a managed custodial wallet or hardware key if possible; 2) Test in dry-run (--scan-only or default) and with small stakes first; 3) Fix or confirm env-name mismatches (SKILL.md, clawhub.json, and code use different variable names) so the runtime will use the settings you expect; 4) Ensure defusedxml is install...
✓ Purpose and capabilities
Name, description, required package (simmer-sdk), and code all align with a tool that watches signals and trades through Simmer/Polymarket. WALLET_PRIVATE_KEY (optional) and SIMMER_API_KEY are appropriate for live trading and API access respectively.
⚠ Instruction scope
SKILL.md and code instruct the agent to fetch arbitrary RSS feeds and execute trades via the SDK (expected). However: 1) the code falls back to Python's xml.etree if defusedxml isn't installed (possible XXE risk), 2) URL validation is only a simple hostname/prefix check and does not resolve hostnames to detect private IPs (SSRF risk), and 3) the skill uses file I/O (state/processed.json) and fcntl (Unix-only), and SKILL.md does not call out the OS limitation. These are scope and safety concerns to review.
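The SSRF point above is the one most worth fixing before the skill is allowed to fetch feeds autonomously. The following is an added example written for this review, not code from the skill or from the scanner: it places the kind of string-prefix check the finding describes next to a hardened validator that enforces an allow-list, resolves the hostname and rejects any answer that is not a public address. The allow-list, the hostnames and the resolver answers are constructed for the example; the real feed list is not on the page.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Constructed allow-list for this example; the skill's real feed hosts are not shown on the page.
ALLOWED_FEED_HOSTS = {"feeds.example.com", "rss.example.org"}


def naive_prefix_check(url: str) -> bool:
    """The kind of string-prefix check the scan describes. It never looks at where the
    name resolves, and it also accepts any longer hostname that merely begins with an
    allowed origin (feeds.example.com.attacker.test)."""
    return any(url.startswith(f"https://{h}") for h in ALLOWED_FEED_HOSTS)


def system_resolver(host: str) -> list[str]:
    """Resolve a hostname to every A/AAAA address the system returns (scope ids stripped)."""
    addrs = {info[4][0].split("%")[0] for info in socket.getaddrinfo(host, None)}
    return sorted(addrs)


def is_public_address(ip: str) -> bool:
    """Reject loopback, RFC 1918, link-local (including 169.254.169.254), multicast,
    reserved and unspecified addresses. An IPv4-mapped IPv6 address such as
    ::ffff:127.0.0.1 is unwrapped first, because older Python versions classify
    the IPv6 wrapper rather than the inner IPv4 address."""
    addr = ipaddress.ip_address(ip)
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return addr.is_global and not addr.is_multicast


def validate_feed_url(url: str, resolver=system_resolver):
    """Return (True, resolved_addresses) on success or (False, reason) on rejection.

    The resolver is injectable so the check can be exercised offline. The fetch code
    should then connect to one of the returned addresses (sending the Host header
    itself) instead of re-resolving, which closes the DNS-rebinding window between
    this check and the actual request."""
    parts = urlsplit(url)
    if parts.scheme != "https":
        return False, f"scheme {parts.scheme!r} is not https"
    host = parts.hostname
    if host is None or parts.username is not None or parts.password is not None:
        return False, "missing host or embedded credentials in URL"
    if host not in ALLOWED_FEED_HOSTS:
        return False, f"host {host!r} is not on the allow-list"
    try:
        addrs = resolver(host)
    except OSError as exc:
        return False, f"resolution of {host!r} failed: {exc}"
    if not addrs:
        return False, f"host {host!r} resolved to no addresses"
    for ip in addrs:
        if not is_public_address(ip):
            # One internal answer is enough to reject: a multi-answer record can
            # mix a public address with an internal one to slip past a first-answer check.
            return False, f"host {host!r} resolves to non-public address {ip}"
    return True, addrs


if __name__ == "__main__":
    # Constructed resolver answers standing in for DNS; nothing below touches the network.
    print(naive_prefix_check("https://feeds.example.com.attacker.test/rss"))
    print(validate_feed_url("https://feeds.example.com/rss", resolver=lambda h: ["10.0.0.5"]))
    print(validate_feed_url("https://feeds.example.com/rss", resolver=lambda h: ["8.8.8.8"]))
```

The scheme and credential checks matter as much as the address check: an allow-listed host reached over plain http, or a URL carrying user:password@, are both cheap ways for a feed entry to redirect the fetch somewhere the author did not intend.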
✓ Install mechanism
No remote downloads; SKILL.md and clawhub.json ask for pip-installing simmer-sdk. This is a standard package install and not an arbitrary archive fetch.
⚠ Credential requirements
Primary credential SIMMER_API_KEY is declared and justified. WALLET_PRIVATE_KEY is optional and sensibly required only for live self-custody trading. But there are several inconsistencies and undeclared envs: clawhub.json, SKILL.md, and signal_sniper.py use differing env names (e.g., SIMMER_SNIPER_CONFIDENCE vs SIMMER_SNIPER_CONFIDENCE_THRESHOLD vs SIMMER_SNIPER_CONFIDENCE_THRESHOLD in tunables); the code reads AUTOMATON_MAX_BET and TRADING_VENUE, which are not declared in metadata. The skill asks users to place a private key in an environment variable; this is functional but sensitive, so users should understand the risk and prefer managed wallets if possible.
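Env-name drift like this is easy to miss by eye and cheap to catch mechanically. The following is an added example for this review, not code from the skill or the scanner: it walks a Python source file's AST, collects every literal variable name read through os.getenv(), os.environ.get() or os.environ[...], and diffs that set against the names a metadata file declares. The source snippet and the declared set below are constructed to mirror the finding (SIMMER_SNIPER_CONFIDENCE declared, SIMMER_SNIPER_CONFIDENCE_THRESHOLD plus AUTOMATON_MAX_BET and TRADING_VENUE read); they are not signal_sniper.py or the real clawhub.json.

```python
import ast

# Constructed stand-in for the skill's source; it is not signal_sniper.py.
SAMPLE_SOURCE = '''
import os
api_key = os.environ["SIMMER_API_KEY"]
wallet = os.getenv("WALLET_PRIVATE_KEY")
threshold = float(os.environ.get("SIMMER_SNIPER_CONFIDENCE_THRESHOLD", "0.7"))
max_bet = os.environ.get("AUTOMATON_MAX_BET", "5")
venue = os.getenv("TRADING_VENUE", "polymarket")
'''

# Hypothetical declared set, as a clawhub.json/SKILL.md metadata block might list it.
DECLARED_ENV = {"SIMMER_API_KEY", "WALLET_PRIVATE_KEY", "SIMMER_SNIPER_CONFIDENCE"}


def _is_os_environ(node: ast.AST) -> bool:
    """True for the expression `os.environ`."""
    return (isinstance(node, ast.Attribute) and node.attr == "environ"
            and isinstance(node.value, ast.Name) and node.value.id == "os")


def _string_const(node: ast.AST):
    """Return the literal string of a Constant node, else None (dynamic names are skipped)."""
    return node.value if isinstance(node, ast.Constant) and isinstance(node.value, str) else None


def env_names_read(source: str) -> set[str]:
    """Collect literal env var names read via os.environ[...], os.environ.get(...) and
    os.getenv(...). Requires Python 3.9+ (Subscript.slice holds the expression directly).
    Aliased imports such as `from os import environ` are out of scope for this example."""
    names = set()
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Subscript) and _is_os_environ(node.value):
            name = _string_const(node.slice)
        elif isinstance(node, ast.Call) and node.args and isinstance(node.func, ast.Attribute):
            func = node.func
            is_getenv = (func.attr == "getenv" and isinstance(func.value, ast.Name)
                         and func.value.id == "os")
            is_environ_get = func.attr == "get" and _is_os_environ(func.value)
            if not (is_getenv or is_environ_get):
                continue
            name = _string_const(node.args[0])
        else:
            continue
        if name:
            names.add(name)
    return names


def audit_env_names(source: str, declared: set[str]) -> dict:
    """Diff the names the code reads against the names the metadata declares.
    Either list being non-empty means the runtime may not use the settings the user set."""
    used = env_names_read(source)
    return {
        "undeclared_but_read": sorted(used - declared),
        "declared_but_never_read": sorted(declared - used),
    }


if __name__ == "__main__":
    for key, value in audit_env_names(SAMPLE_SOURCE, DECLARED_ENV).items():
        print(f"{key}: {value}")
```

Run against a real skill, point env_names_read at each .py file in the package and build the declared set from clawhub.json and SKILL.md. A non-empty "declared_but_never_read" list is the case that bites users here: a documented tunable that is silently ignored, so a confidence threshold they believe they lowered or raised has no effect on what the bot trades.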
ℹ Persistence and permissions
always:false (good). The skill writes a local state file (state/processed.json) and uses its own config APIs — normal. It does not request global agent configuration changes. It can be invoked autonomously (platform default); combined with trading capability this increases blast radius, so follow the other cautions before enabling automation.
Security is layered; review the code before running it.
Runtime dependencies
No special dependencies
Version
latest v1.4.7 2026/2/14
● Suspicious
Install command
Official: npx clawhub@latest install polymarket-signal-sniper
Mirror (accelerated): npx clawhub@latest install polymarket-signal-sniper --registry https://cn.longxiaskill.com