← 返回 Skills 市场
Polymarket Auto-Trader
作者
srikanthbellary
· GitHub ↗
· v1.0.1
2724
总下载
10
收藏
16
当前安装
2
版本数
在 OpenClaw 中安装
/install polymarket-auto-trader
功能描述
Autonomous Polymarket prediction market trading agent. Scans markets, evaluates probabilities with LLM, sizes positions with Kelly criterion, and executes trades via CLOB API. Use when user wants to trade on Polymarket, set up automated prediction market trading, or build a trading bot. Supports cron-based autonomous operation, P&L tracking, and budget management.
安全使用建议
This package appears to do what it says (an autonomous Polymarket trader), but it requires your wallet private key — which if leaked or misused will allow theft of funds. Before installing or running: 1) Create and use a dedicated, funded-with-minimum wallet (do not use your main wallet). 2) Review the contract addresses in references/contract-addresses.md to confirm they are legitimate. 3) Consider alternatives to storing the raw PRIVATE_KEY in plaintext (use a hardware signer or a secure key manager if possible). 4) Test on very small amounts ($5–$10) and monitor cron logs and P&L outputs closely. 5) Understand and accept the risk of approving MAX_UINT allowances (these grant broad spending rights to the contracts). 6) Verify the py-clob-client and web3 package versions and source (PyPI) and inspect create_or_derive_api_creds behavior if you care where derived credentials are stored. 7) If you want less exposure, modify scripts to use a signing service or ephemeral keys and to avoid storing private keys on disk. If you are not comfortable with these steps or with running code that can move funds, do not install or run this skill.
功能分析
Type: OpenClaw Skill
Name: polymarket-auto-trader
Version: 1.0.1
The skill bundle sets up an autonomous trading bot that handles a blockchain private key and grants unlimited token spending approvals (MAX_UINT) to Polymarket contracts. While these high-risk actions (storing a private key in `.env`, broad token approvals, cron-based persistence, external LLM API calls) are transparently disclosed in `SKILL.md` and appear to be for the stated purpose of autonomous trading with legitimate services (Polymarket, Anthropic), the inherent vulnerabilities are significant. There is no evidence of intentional malicious behavior like unauthorized data exfiltration or covert backdoors, but the critical nature of the private key handling and unlimited approvals warrants a 'suspicious' classification due to the high potential for financial loss if the environment is compromised or the target contracts have vulnerabilities.
能力评估
Purpose & Capability
The skill claims to scan markets, ask an LLM for probability estimates, size positions, and place orders via the Polymarket CLOB API. The required env vars (PRIVATE_KEY for signing trades and LLM_API_KEY for Anthropic calls) and included scripts directly implement that functionality. The only minor mismatch: registry metadata marks LLM_API_KEY as the primary credential even though PRIVATE_KEY is the highest-privilege secret for trading.
Instruction Scope
Runtime instructions are focused on trading: set up a non-US VPS, install Python packages, store PRIVATE_KEY and LLM_API_KEY in /opt/trader/app/.env, run approval and trading scripts, and set a cron job. The instructions explicitly tell you to store the private key on disk and to approve MAX_UINT for several contracts (standard for DeFi but high-risk). There are no hidden network endpoints beyond Polymarket, Gamma API, Anthropic, and the Polygon RPC endpoints.
Install Mechanism
No remote arbitrary downloads are used. setup_vps.sh installs pinned Python packages from PyPI (py-clob-client, web3, python-dotenv, requests). The included setup script and pinned versions make the install path transparent and traceable.
Credentials
Only two environment variables are required (PRIVATE_KEY and LLM_API_KEY), which is proportionate to a trading bot. However, PRIVATE_KEY provides full control of the wallet and must be treated as a highly privileged secret; the skill also designates the LLM key as the primary credential in metadata, which is a minor inconsistency but not malicious.
Persistence & Privilege
The skill is not force-enabled (always:false) and does not request modifications to other skills or global agent settings. It is designed to be run persistently via user-configured cron on a VPS (normal for trading bots).
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install polymarket-auto-trader - 安装完成后,直接呼叫该 Skill 的名称或使用
/polymarket-auto-trader触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
Fix: added required env vars (PRIVATE_KEY, LLM_API_KEY) to metadata, pinned dependency versions, added security considerations section and homepage URL
v1.0.0
Initial release: autonomous prediction market trading with LLM evaluation, Kelly sizing, and CLOB API execution
元数据
常见问题
Polymarket Auto-Trader 是什么?
Autonomous Polymarket prediction market trading agent. Scans markets, evaluates probabilities with LLM, sizes positions with Kelly criterion, and executes trades via CLOB API. Use when user wants to trade on Polymarket, set up automated prediction market trading, or build a trading bot. Supports cron-based autonomous operation, P&L tracking, and budget management. 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 2724 次。
如何安装 Polymarket Auto-Trader?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install polymarket-auto-trader」即可一键安装,无需额外配置。
Polymarket Auto-Trader 是免费的吗?
是的,Polymarket Auto-Trader 完全免费(开源免费),可自由下载、安装和使用。
Polymarket Auto-Trader 支持哪些平台?
Polymarket Auto-Trader 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Polymarket Auto-Trader?
由 srikanthbellary(@srikanthbellary)开发并维护,当前版本 v1.0.1。
推荐 Skills