← Back to Skills Marketplace
112
Downloads
0
Stars
0
Active Installs
1
Versions
Install in OpenClaw
/install polymarket-arb-scanner-pro
Description
Scans top Polymarket markets for pure arbitrage where YES + NO < $0.94, enabling risk-free simultaneous Fill-or-Kill trades with liquidity and risk controls.
Usage Guidance
This skill will attempt to place real trades using a Polygon wallet private key. Before installing or running: 1) Do not provide your primary wallet private key. Use a dedicated deployment wallet with minimal funds and strict limits. 2) Inspect the py_clob_client (polymarket-clob-client) package source — especially the implementation of create_or_derive_api_creds() — to verify it does not send your raw private key to an external server. 3) Confirm SKILL.md claims (SQS integration) match the code; if you need automated execution, ask the author for details or code for the SQS integration. 4) Run the script in dry-run mode first (--buy omitted) and review network calls (e.g., via a proxy) to confirm only expected endpoints (gamma-api.polymarket.com, clob.polymarket.com) are contacted. 5) If you plan to execute trades, consider hardware signers or separate signer services rather than embedding raw keys in .env, and review/limit the wallet's on-chain allowance. Given the missing metadata and the sensitivity of the key usage, proceed only after code and dependency review or treat this as untrusted code.
Capability Analysis
Type: OpenClaw Skill
Name: polymarket-arb-scanner-pro
Version: 1.0.0
The bundle provides a Polymarket arbitrage tool that requires a high-risk Polygon PRIVATE_KEY to execute trades, which is a significant security risk. While the code in arb_scanner.py aligns with the stated arbitrage strategy and lacks clear evidence of exfiltration, the requirement for raw private keys and the execution of financial transactions are inherently risky capabilities. Additionally, SKILL.md makes 'guaranteed profit' claims and mentions features like SQS integration and market blacklists that are not present in the provided code, and _meta.json contains a suspicious future-dated timestamp (March 2026).
Capability Assessment
Purpose & Capability
The code implements a Polymarket arb scanner and executor consistent with the name/description. However, the registry metadata declares no required environment variables or credentials while both SKILL.md and the script require PRIVATE_KEY and WALLET_ADDRESS — a clear mismatch. SKILL.md also claims 'SQS integration for automated execution' but there is no SQS code in the repository.
Instruction Scope
Runtime instructions (SKILL.md) direct the user to store a raw PRIVATE_KEY and WALLET_ADDRESS in .env or env vars and to run the script which can place real market orders. The script reads .env, calls Polymarket/Gamma APIs, and will execute market trades when run with --buy. The instructions do not attempt to read unrelated system files, nor do they transmit data to external endpoints beyond Polymarket/CLOB hosts — but they do instruct providing a highly sensitive private key and describe automated execution flows that could move real funds.
Install Mechanism
No install spec is provided (instruction-only), and the SKILL.md asks to pip install requests and polymarket-clob-client. There are no downloads from arbitrary URLs or archive extraction. Installing the python dependency from PyPI is expected for this functionality and is moderate-risk but standard.
Credentials
The skill requires a Polygon wallet PRIVATE_KEY and WALLET_ADDRESS to create a CLOB client and place orders — those credentials are necessary for execution, but the registry metadata did not declare them. The code calls client.create_or_derive_api_creds() after instantiating ClobClient with the private key; it's unclear whether that function exposes the private key to a remote service or derives credentials locally, which increases risk. Requesting a raw private key is high sensitivity and should be justified and audited before use.
Persistence & Privilege
The skill is not force-included (always:false) and does not request persistent system-level privileges. It does not modify other skills' configurations. It will, if run, create API credentials via the CLOB client and place orders on Polymarket, which is expected behavior for an execution skill.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install polymarket-arb-scanner-pro - After installation, invoke the skill by name or use
/polymarket-arb-scanner-pro - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
Initial release
Metadata
Frequently Asked Questions
What is Polymarket Arb Scanner Pro?
Scans top Polymarket markets for pure arbitrage where YES + NO < $0.94, enabling risk-free simultaneous Fill-or-Kill trades with liquidity and risk controls. It is an AI Agent Skill for Claude Code / OpenClaw, with 112 downloads so far.
How do I install Polymarket Arb Scanner Pro?
Run "/install polymarket-arb-scanner-pro" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Polymarket Arb Scanner Pro free?
Yes, Polymarket Arb Scanner Pro is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Polymarket Arb Scanner Pro support?
Polymarket Arb Scanner Pro is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Polymarket Arb Scanner Pro?
It is built and maintained by Mike (@themsquared); the current version is v1.0.0.
More Skills