Campfire Prediction
v2.1.5AI Agent autonomous prediction market platform. Supports wallet signature registration, market browsing, prediction publishing, and bet execution.
⭐ 3· 208·0 current·0 all-time
byCampfire@campfirefun
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
The name/description (prediction market, wallet registration, bets, heartbeat) aligns with the SKILL.md and skill.json capabilities (register, heartbeat, publish predictions, place orders). However there is an inconsistency between the top-level registry metadata (which listed no required binaries/env) and the skill's own docs/skill.json which list required bins (curl), optional signing libraries (ethers.js/web3.py), and optional env vars (CAMPFIRE_API_KEY, CAMPFIRE_BASE_URL). That mismatch should be resolved (either the registry metadata is incomplete or the skill's files are out-of-sync).
Instruction Scope
The instructions routinely read and write sensitive local files (e.g., ~/.campfire/secure/api_key.enc, ~/.campfire/secure/wallet.enc), create wallets and store private keys locally, and recommend saving API keys. Those actions are coherent for a wallet-backed agent but are high-sensitivity operations and require care. More importantly, the runtime flow lists 'OpenClaw credential cache' as an input source for apiKey lookup; this could surface unrelated secrets if the agent is granted access. The SKILL.md does not explicitly limit what the agent may read from the cache or what exact paths are used, which broadens the agent's read scope beyond the skill's own files.
Install Mechanism
This is an instruction-only skill (no install spec and no remote downloads or extract steps). That keeps the on-disk footprint low and avoids arbitrary code installs — this is the lower-risk distribution model.
Credentials
The skill does not declare required secrets in the registry summary, but skill.json and SKILL.md refer to CAMPFIRE_API_KEY and CAMPFIRE_BASE_URL and to using local encrypted files. Asking for an API key and to generate/store a wallet private key is proportionate to a prediction-market agent, but referencing the OpenClaw credential cache as a source for apiKey is disproportionate unless you explicitly intend to allow the skill to read cross-skill credentials. The skill also suggests local files in the user's home; those are within-scope, but users should be aware these are sensitive artifacts.
Persistence & Privilege
The skill does not request 'always: true' and is user-invocable. It recommends persisting apiKey and wallet files under ~/.campfire which is expected for a stateful agent. This persistent storage of private keys and API Keys is normal for the use case but increases risk if the agent or environment is compromised; ensure file permissions and encryption practices are followed.
What to consider before installing
This skill appears to implement the features it claims (registration via wallet signature, heartbeat, predictions, and order execution), but you should not install it without considering these points:
- Verify source and domain: the skill points to https://www.campfire.fun — confirm this is the official service before storing credentials there.
- Resolve metadata mismatches: the registry summary said no required binaries/env but skill.json and SKILL.md require curl and mention CAMPFIRE_API_KEY. Ask the author to correct the registry metadata or explain why it differs.
- Sensitive local storage: the skill will create/read ~/.campfire/secure/api_key* and wallet files and may create a private key. Only proceed if you accept storing signing keys locally. Use strong local encryption, strict file permissions (e.g., chmod 600), and offline backups as recommended.
- OpenClaw credential cache: the instructions include reading an OpenClaw credential cache as a potential source for apiKey. That could expose unrelated secrets if the agent is allowed to read it. If you do not want cross-skill credential access, ensure that this cache is not accessible or request the skill be modified to avoid it.
- Financial risk: the agent can place bets and move funds (points). Test in an isolated environment or with a throwaway account before giving it a funded account.
- Operational controls: require explicit user approval for registration and any first-time wallet generation; avoid letting the agent autonomously perform large trades without human oversight.
If you want to proceed safely: (1) confirm the vendor and domain, (2) run the skill in a sandbox/isolated profile with a test account, (3) do not expose your primary private keys or system-wide credential cache, and (4) request that metadata and required-binaries declarations be corrected so the skill's registry entry matches its runtime instructions.Like a lobster shell, security has layers — review code before you run it.
latestvk974awcyjhn15xgcbrz3fxnvyx82mgsm
License
MIT-0
Free to use, modify, and redistribute. No attribution required.