Kalshi
v1.1.0Read-only Kalshi prediction market integration. Use for viewing markets, checking portfolio positions, analyzing prediction opportunities, and finding high-payoff/high-certainty trades. Triggers on Kalshi, prediction markets, event contracts, or trading recommendations.
⭐ 3· 2.4k·5 current·5 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name/description describe a read-only Kalshi integration and the code and SKILL.md implement market browsing and portfolio viewing. However the skill metadata declares no required config paths or credentials, while the SKILL.md and scripts explicitly rely on a credentials file and an RSA private key stored under ~/.kalshi. Also SKILL.md lists pip packages (requests, cryptography) but omits the kalshi-python SDK that scripts import and require. These mismatches reduce coherence.
Instruction Scope
SKILL.md instructs the user to download and store an RSA private key and create ~/.kalshi/credentials.json, and the portfolio script will read that private key and credential file. That behavior is explained and limited to Kalshi API usage (no unrelated files or network destinations). But SKILL.md doesn't declare the ~/.kalshi config path in the metadata and omits the explicit kalshi-python dependency; the interactive setup writes credentials.json and tests the account (network call). The instructions do not attempt to read other system files, but they do create and read a sensitive local private key, which must be highlighted.
Install Mechanism
There is no formal install spec (instruction-only). SKILL.md asks the user to pip install requests and cryptography; the actual scripts require requests and the kalshi-python SDK (the latter is not listed). No downloads from arbitrary URLs or extract operations are present. Overall install risk is low-to-moderate, but the missing declaration of the kalshi-python dependency is an oversight that could confuse users.
Credentials
Registry metadata claims no required env vars / config paths, yet the skill expects and reads ~/.kalshi/credentials.json and a private key file (~/.kalshi/private_key.pem). The portfolio functionality requires an RSA private key (sensitive secret). Requesting/storing a private key is proportional to the portfolio feature, but the metadata should have reflected that; the discrepancy is a red flag. No unrelated credentials are requested, and network calls appear limited to the Kalshi API host.
Persistence & Privilege
The skill does not request always:true or any elevated platform privileges. It writes only its own credentials file during interactive setup (~/.kalshi/credentials.json) and sets restrictive file permissions. It does not attempt to modify other skills or system-wide agent settings. Autonomous invocation is enabled (platform default) but not combined here with other high-risk flags.
What to consider before installing
This skill appears to implement a legitimate read-only Kalshi integration, but there are several mismatches you should consider before installing or providing credentials:
- The package metadata declares no config paths or credentials, yet SKILL.md and the included scripts expect a credentials file and an RSA private key under ~/.kalshi. If you use the portfolio features you must place a private key on your machine — treat that key as highly sensitive. Only provide it if you fully trust the skill author and code.
- SKILL.md tells you to pip install requests and cryptography but does NOT mention the kalshi-python SDK that the portfolio script imports. Before running, pip install kalshi-python (or inspect that package) so the code runs as intended.
- The code talks to https://api.elections.kalshi.com/trade-api/v2 (a non-standard subdomain). If you are concerned, verify that this is an official Kalshi endpoint (compare with official docs) before providing credentials.
- The skill is instruction-only with two Python scripts included. If you lack high trust in the publisher, run the scripts in a sandbox or inspect the code yourself (or have someone you trust review it) before saving any private key into ~/.kalshi. Consider running only the market-data commands (which use public endpoints) and avoid running the interactive setup or portfolio commands unless you need portfolio data and trust the code.
What would increase confidence: the skill metadata declaring the ~/.kalshi config path and required dependency (kalshi-python), a verified homepage/source, and confirmations that the kalshi-python SDK used is the official package.Like a lobster shell, security has layers — review code before you run it.
latestvk972839gmj93qg008g4pz9309180bnr4
License
MIT-0
Free to use, modify, and redistribute. No attribution required.