Security audit
Prediction Market
Security checks across malware telemetry and agentic risk
Overview
The package appears to do what it says: it wraps a Python client that queries AIsa's prediction-market API and requires an AISA_API_KEY; there are no hidden installers or unrelated credential requests, though there is a small metadata mismatch about declared requirements.
This package appears to be coherent: it bundles a Python client that contacts api.aisa.one and requires an AISA_API_KEY. Before installing: (1) confirm you trust the AIsa service (api.aisa.one) and the publisher; (2) provide the AISA_API_KEY only if you intend the agent to query your paid/privileged AIsa account; (3) note the package requires python3 at runtime and will make network calls to AIsa — review network policies and billing implications; (4) be aware the registry metadata omitted the declared requirements in the embedded SKILL.md (python3 and AISA_API_KEY), so ensure your runtime supplies those. If you need stronger assurance, inspect the full Python script locally (it's included) and verify the endpoints and behavior before granting the API key.
VirusTotal
No VirusTotal findings
Static analysis
No suspicious patterns detected.
