Prediction Market Trader

Pass. Audited by VirusTotal on May 11, 2026.

Overview

Type: OpenClaw Skill
Name: prediction-market-trader
Version: 1.0.0

The bundle is a legitimate toolkit for trading on the Kalshi prediction market, featuring RSA-PSS authentication, market scanning, and comprehensive risk management documentation. The code in scripts/kalshi-auth.js and scripts/scan-edges.js correctly implements the Kalshi API protocol and uses standard Node.js libraries for financial calculations and network requests. The inclusion of a detailed lessons-learned.md file, which documents specific past trading losses and identifies flaws (such as crude string matching) that are still present in the provided scripts, strongly suggests an authentic, non-malicious origin focused on specialized financial activity.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Running the skill with a broadly privileged Kalshi key could allow account reads and trades using the user’s real account.

Why it was flagged

The included code requires a Kalshi key ID and RSA private key, while the registry metadata declares no required environment variables or primary credential. These credentials can authenticate to a financial trading account.

Skill content
// Credentials are read from the environment; neither variable is declared in the registry metadata.
const keyId = process.env.KALSHI_KEY_ID;
const privKey = process.env.KALSHI_PRIVATE_KEY;
if (!keyId || !privKey) throw new Error('Set KALSHI_KEY_ID and KALSHI_PRIVATE_KEY env vars');
Recommendation

Declare the Kalshi credentials in metadata, document the required key scope, use read-only credentials for scanning where possible, and require a separate explicit trading credential for order placement.

What this means

A mistaken or over-eager agent could place or cancel real Kalshi orders and cause financial loss.

Why it was flagged

The API client exposes direct order placement and cancellation with caller-supplied ticker, side, count, and price, but the included function does not enforce dry-run mode, user confirmation, bankroll limits, edge thresholds, or duplicate-position checks.

Skill content
// Raw order placement: the caller-supplied ticker, side, count and price go straight
// into a live POST with no dry-run, approval, size, edge or duplicate-position check.
async function placeOrder({ ticker, action = 'buy', side = 'yes', type = 'limit', count, price }) {
  return kalshiApi('POST', '/trade-api/v2/portfolio/orders', {
    ticker, action, side, type, count,
    yes_price: side === 'yes' ? price : undefined,
    no_price: side === 'no' ? price : undefined,
  });
}

// Raw cancellation: issues the live DELETE for any order ID without confirmation.
async function cancelOrder(orderId) {
  return kalshiApi('DELETE', '/trade-api/v2/portfolio/orders/' + orderId);
}
Recommendation

Add hard safeguards in executable code: default dry-run, explicit per-order user approval, maximum order size, duplicate-position checks, and enforcement of the documented risk rules before any POST or DELETE order request.
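As an added example, not code from the reviewed skill or from OpenClaw, the following Node.js module shows one way to put this recommendation and the credential-scoping recommendation from the previous finding into executable code: a guard layer in front of a raw client like the skill's placeOrder/cancelOrder that defaults to dry-run, refuses orders without an explicit approval hook, enforces size, notional, bankroll-fraction, edge and duplicate-position rules, and requires a separately declared trading credential. The names GuardedTrader, checkOrder, makeFakeApi and the KALSHI_TRADE_* variables are assumptions for illustration, the limit values are illustrative rather than Kalshi or project defaults, and the sample order and in-memory API stand-in are constructed so the code runs offline.

```javascript
// Added example, not code from the reviewed skill. A guard layer that enforces the
// recommended safeguards in front of a raw Kalshi client (e.g. the skill's
// placeOrder/cancelOrder). Hypothetical names: `api` is the injected raw client,
// KALSHI_TRADE_* are assumed separate trading credentials, and the limit values
// are illustrative, not Kalshi or project defaults.

const DEFAULT_LIMITS = {
  maxCountPerOrder: 25,        // contracts per order
  maxNotionalCents: 2500,      // cents at risk per order ($25)
  bankrollCents: 50000,        // assumed bankroll ($500)
  maxBankrollFraction: 0.05,   // no single order risks more than 5% of bankroll
  minEdge: 0.05,               // model probability must beat the price by 5 points
};

// Scanning may keep using the skill's KALSHI_KEY_ID / KALSHI_PRIVATE_KEY; order
// placement requires a separately declared trading credential, so a read-only
// scanning key can never be used to trade. Fails closed when unset.
function loadTradingCredentials(env = process.env) {
  const keyId = env.KALSHI_TRADE_KEY_ID;
  const privKey = env.KALSHI_TRADE_PRIVATE_KEY;
  if (!keyId || !privKey) {
    throw new Error('Trading disabled: set KALSHI_TRADE_KEY_ID and KALSHI_TRADE_PRIVATE_KEY');
  }
  return { keyId, privKey };
}

// Pure risk check: returns the list of violated rules (empty array = order passes).
// `modelProb` is the model's probability that the market resolves YES;
// `positions` is the caller's current open positions ([{ ticker }, ...]).
function checkOrder(order, modelProb, positions, limits = DEFAULT_LIMITS) {
  const { ticker, side = 'yes', count, price } = order;
  const problems = [];
  if (!Number.isInteger(count) || count <= 0) problems.push('count must be a positive integer');
  if (!Number.isInteger(price) || price < 1 || price > 99) problems.push('price must be 1..99 cents');
  if (count > limits.maxCountPerOrder) problems.push('count exceeds maxCountPerOrder');
  const notionalCents = count * price;                       // cost of buying `count` contracts at `price`
  if (notionalCents > limits.maxNotionalCents) problems.push('notional exceeds maxNotionalCents');
  if (notionalCents > limits.bankrollCents * limits.maxBankrollFraction) problems.push('notional exceeds bankroll fraction');
  const pSide = side === 'yes' ? modelProb : 1 - modelProb;  // probability the bought side pays out
  if (pSide - price / 100 < limits.minEdge) problems.push('edge below minEdge');
  if (positions.some((p) => p.ticker === ticker)) problems.push('duplicate position in ' + ticker);
  return problems;
}

class GuardedTrader {
  // dryRun defaults to true; `approve` is an async per-order confirmation hook that
  // defaults to refusing, so nothing reaches the API unless both are set explicitly.
  constructor(api, { dryRun = true, approve = async () => false, limits = DEFAULT_LIMITS } = {}) {
    Object.assign(this, { api, dryRun, approve, limits });
  }

  async placeOrder(order, modelProb) {
    const positions = await this.api.getPositions();
    const problems = checkOrder(order, modelProb, positions, this.limits);
    if (problems.length) return { status: 'rejected', problems };
    if (this.dryRun) return { status: 'dry-run', order };
    if (!(await this.approve({ kind: 'place', order }))) return { status: 'not-approved', order };
    return { status: 'placed', result: await this.api.placeOrder(order) };
  }

  async cancelOrder(orderId) {
    if (this.dryRun) return { status: 'dry-run', orderId };
    if (!(await this.approve({ kind: 'cancel', orderId }))) return { status: 'not-approved', orderId };
    return { status: 'cancelled', result: await this.api.cancelOrder(orderId) };
  }
}

// Constructed in-memory stand-in for the raw client so the example runs offline;
// it records every call that would otherwise have become a live POST/DELETE.
function makeFakeApi(positions = []) {
  const calls = [];
  return {
    calls,
    async getPositions() { return positions; },
    async placeOrder(order) { calls.push(['POST', order]); return { order_id: 'constructed-order-1' }; },
    async cancelOrder(orderId) { calls.push(['DELETE', orderId]); return { ok: true }; },
  };
}

// Constructed sample order (the ticker is made up, not a real Kalshi market).
const SAMPLE_ORDER = { ticker: 'EXAMPLE-MARKET', side: 'yes', count: 10, price: 40 };

async function demo() {
  const api = makeFakeApi();
  const dry = new GuardedTrader(api);                                   // defaults: dry-run, no approval
  const live = new GuardedTrader(api, { dryRun: false, approve: async () => true });
  return {
    dry: await dry.placeOrder(SAMPLE_ORDER, 0.55),                      // status 'dry-run', nothing sent
    rejected: await live.placeOrder({ ...SAMPLE_ORDER, count: 100 }, 0.55), // size/notional violations
    placed: await live.placeOrder(SAMPLE_ORDER, 0.55),                  // the only order that hits the API
    liveCalls: api.calls.length,                                        // 1
  };
}

demo().then((r) => console.log(JSON.stringify(r, null, 2)));
```

The point of keeping checkOrder pure is that the risk rules can be unit-tested and audited without network access, and the rejection reasons are returned rather than logged, so an agent driving the trader sees exactly which documented rule stopped an order. Wiring the `approve` hook to an interactive prompt, and loadTradingCredentials to the live signing path, is what turns the default-closed stub into a usable trader.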

What this means

Users may believe order-execution safety checks are included, when the reviewed files only show a lower-level API client with raw order methods.

Why it was flagged

SKILL.md advertises trade and portfolio scripts, including safety checks, but the provided file manifest only includes scripts/kalshi-auth.js and scripts/scan-edges.js. The claimed safety wrapper is therefore not reviewable in the supplied artifacts.

Skill content
- `scripts/trade.js` — Place/cancel orders with safety checks
- `scripts/portfolio.js` — Check balance, positions, P&L
Recommendation

Include the referenced scripts in the package or remove those instructions; make any safety checks visible and enforce them in the reviewed code.