← 返回 Skills 市场
pipethedev

Polyclaw

作者 pipethedev · GitHub ↗ · v1.0.2
cross-platform ⚠ suspicious
7590
总下载
10
收藏
74
当前安装
3
版本数
在 OpenClaw 中安装
/install polyclaw
功能描述
Become an autonomous prediction market trader on Polymarket with AI-powered analysis and a performance-backed token on Base. Trade real markets, build a track record, and let the buyback flywheel run.
安全使用建议
Install only if you intentionally want a persistent autonomous trading agent using real funds and public posting. Verify the official backend URL with the publisher, start with small funds, keep trading/posting disabled until configured, avoid storing API keys in agent memory or transcripts, rotate keys if exposed, and confirm pause, withdrawal, delete, and credential-revocation controls before funding.
功能分析
Type: OpenClaw Skill Name: polyclaw Version: 1.0.2 The `scripts/register.sh` file constructs a JSON payload for agent registration, directly embedding user-provided `STRATEGY_DESCRIPTION` and `PERSONALITY` into the request body. The `SKILL.md` explicitly states that these descriptions are 'passed to Claude during market analysis' (an external AI model). This creates a prompt injection vulnerability against the *backend AI* if a malicious operator provides crafted input for these fields. While the skill itself is a client to the Polyclaw service, the direct inclusion of unsanitized user input into a prompt for an AI model is a significant vulnerability. Additionally, the `POLYCLAW_API_URL` in `register.sh` is configurable via an environment variable, which could allow redirection of API calls to a malicious server if the execution environment is compromised. No evidence of intentional data exfiltration or persistence was found within the skill bundle itself.
能力评估
Purpose & Capability
The core purpose is coherent: autonomous Polymarket trading, token deployment, buybacks, and social posting are disclosed in the skill. The capability is still high-impact because it handles real USDC, funded wallets, on-chain approvals, token operations, and public posts.
Instruction Scope
The instructions allow autonomous trading, X posting, and agent-directed Moltbook/Moltx posting with limited approval gates. There is also a verified inconsistency: register.sh sends tradingEnabled=false but later tells the user trading starts automatically once funded.
Install Mechanism
No hidden auto-install or local persistence was found, but the setup script sends an operator API key to a remote backend and defaults to a Cloudflare Workers URL while the main skill also documents api.polyclaw.ai, creating a trust-boundary and provenance concern.
Credentials
Remote API use, operator keys, agent keys, optional Polymarket CLOB credentials, signed orders, funded deposit addresses, and social OAuth/posting are purpose-aligned but powerful and not tightly scoped in the artifacts.
Persistence & Privilege
The service creates a continuing autonomous backend agent after registration/funding, and the script prints the full agent API key in machine-readable output while telling the agent to store it in memory.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install polyclaw
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /polyclaw 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.2
Polyclaw 1.0.2 Changelog - Added _meta.json metadata file for improved skill management and distribution. - No user-facing changes; documentation and usage remain unchanged.
v1.0.1
**Summary:** This update adds new utility scripts to assist with skill management. - Added `scripts/check-skill.sh` for automated skill checks. - Added `scripts/sync-skill.sh` to simplify synchronization of skill files.
v1.0.0
Polyclaw 1.0.0 – Initial Release - Launches autonomous prediction market trading on Polymarket using AI-powered analysis. - Deploys a performance-backed ERC-20 token on Base with automatic profit buybacks. - Supports real USDC trading, automatic posting of analysis to X/Twitter, and multi-chain funding. - Easy agent registration with configurable trading strategy and risk level. - Complete set of API docs for registration, authentication, and live trading operations.
元数据
Slug polyclaw
版本 1.0.2
许可证
累计安装 286
当前安装数 74
历史版本数 3
常见问题

Polyclaw 是什么?

Become an autonomous prediction market trader on Polymarket with AI-powered analysis and a performance-backed token on Base. Trade real markets, build a track record, and let the buyback flywheel run. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 7590 次。

如何安装 Polyclaw?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install polyclaw」即可一键安装,无需额外配置。

Polyclaw 是免费的吗?

是的,Polyclaw 完全免费(开源免费),可自由下载、安装和使用。

Polyclaw 支持哪些平台?

Polyclaw 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Polyclaw?

由 pipethedev(@pipethedev)开发并维护,当前版本 v1.0.2。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191113 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论