Security audit
Prediction Market Data Zh
Security checks across malware telemetry and agentic risk
Overview
The package and its runtime instructions are internally consistent: it ships a Python client that queries AIsa's API and requires only an AISA_API_KEY and python3, which matches the skill's stated purpose.
This skill is coherent: it runs a bundled Python client that queries AIsa's API and requires an AISA_API_KEY. Before installing, confirm you trust the AIsa service (api.aisa.one) because your API key and queries will be sent there. Review the included Python script if you want to verify exactly what fields are sent or logged. Because no other credentials or system paths are requested and there are no remote install steps, the main risk is exposure of the AISA_API_KEY and any data you send to that third party — treat the key like any API secret (limit its permissions if possible, rotate/revoke if compromised).
VirusTotal
No VirusTotal findings
Static analysis
No suspicious patterns detected.
