Realizable-vs-theoretical edge check against live CLOB order-book depth. REQUIRES one of market (single-market mode) or event (basket/partition mode). SINGLE-MARKET: pass a market slug/URL + side (buy_yes|sell_yes|buy_no|sell_no, default buy_yes) + size_usd (default 1000 — max spend on buys, targ...
AI agents use polymarket_fill_risk to create or update resources in Mcp Apis Guru — usually the action step of a workflow, after the agent has gathered context. Every call changes real data in your Mcp Apis Guru environment.
| Parameter | Type | Required | Description |
|---|---|---|---|
side | string | — | Single-market: buy_yes | sell_yes | buy_no | sell_no (default buy_yes). Basket: sell_yes | buy_yes (default auto — sell if partition sum > 1, buy if < 1). |
event | string | — | Basket mode: event slug or full polymarket.com URL — checks every leg of the partition. |
market | string | — | Single-market mode: market slug or full polymarket.com URL. |
size_usd | number | — | Single-market: USD to spend (buys) or target proceeds (sells). Basket: settlement notional — shares per leg, each paying $1 at resolution. Default 1000, clamp 1 |
Parameters from the server's own tool schema.
An AI agent can call polymarket_fill_risk faster than any human can review — one bad instruction and it creates or modifies resources in Mcp Apis Guru by the hundred, each call as confident as the last.
Risk signalsBulk/mass operation — affects multiple targets
Attacks that exploit this kind of access
Realizable-vs-theoretical edge check against live CLOB order-book depth. REQUIRES one of market (single-market mode) or event (basket/partition mode). SINGLE-MARKET: pass a market slug/URL + side (buy_yes|sell_yes|buy_no|sell_no, default buy_yes) + size_usd (default 1000 — max spend on buys, target proceeds on sells); walks the ladder and returns top_of_book, vwap_fill_price, slippage_pp, shares_filled, max_fillable_usd, and a verdict (clean|degraded|cannot_fill). BASKET: pass an event slug/URL + side (sell_yes = capture overround by selling every leg, buy_yes = capture underround; default auto from partition sum) + size_usd interpreted as settlement notional S (shares per leg; each share pays $1); returns theoretical_sum vs realizable_sum (top-of-book vs VWAP across all legs), capture_ratio, profit_usd at executed size, per-leg fill detail, thin_legs[], max_clean_notional_usd, and forced_directional_risk naming the legs most likely to strand you unhedged. USE THIS before acting on any polymarket_arbitrage SELL/BUY-EVERY-LEG signal or any polymarket_edges trade above ~$500 — theoretical overround on thin books is not capturable, and partial basket fills convert an arb into an unhedged directional position (the dominant loss mode in real arb-bot P&L). It is categorised as a Write tool in the Mcp Apis Guru MCP Server, which means it can create or modify data. Consider rate limits to prevent runaway writes.
polymarket_fill_risk accepts 4 parameters: side, event, market, size_usd. The full parameter table on this page comes from the server's own tool schema.
Register the Mcp Apis Guru MCP server in PolicyLayer and add a rule for polymarket_fill_risk: allow, deny, rate-limit, or require approval. Point your MCP client at the PolicyLayer proxy URL and the rule is enforced on every call, before it reaches Mcp Apis Guru. Nothing to install.
polymarket_fill_risk is a Write tool with medium risk. Write tools should be rate-limited to prevent accidental bulk modifications.
Yes. Add a rate_limit block to the polymarket_fill_risk rule in your PolicyLayer policy. For example, setting max: 10 and window: 60 limits the tool to 10 calls per minute. Rate limits are tracked per agent session and reset automatically.
Set action: deny in the PolicyLayer policy for polymarket_fill_risk. The AI agent will receive a policy violation error and cannot call the tool. You can also include a reason field to explain why the tool is blocked.
polymarket_fill_risk is provided by the Mcp Apis Guru MCP server (https://gateway.pipeworx.io/apis-guru/mcp). PolicyLayer sits as a proxy in front of this server to enforce policies before tool calls reach the server.
Every MCP server has a record like this.
Type a name, get the same breakdown: verified identity, auth posture, risk grade, capabilities, recommended policy.
Teams ship this data inside their own products. See what a licence covers →