Kraken

The OpenClaw AgentSkills skill bundle for Kraken Crypto appears benign. It provides a legitimate interface to the Kraken API for portfolio management and market data. API credentials are handled securely via environment variables or a `.env` file. The `SKILL.md` instructions are clear and directly align with the skill's stated purpose, showing no evidence of prompt injection attempts to subvert the agent. While `kraken_cli.py` uses `subprocess.run` to execute `kraken_api.py`, arguments are passed via `argparse`, mitigating command injection risks. All network activity is directed to the official Kraken API endpoints.