Predictclaw Publish Docs 20260320
v0.1.11Predict.fun skill with a PolyClaw-style CLI for markets, wallet funding, trading, positions, and hedging.
⭐ 0· 92·0 current·0 all-time
by@walioo
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
medium confidencePurpose & Capability
The name/description (PredictClaw CLI for markets, wallets, trades, hedging) aligns with the files, dependencies, and runtime behavior. Requiring the 'uv' binary is coherent (the SKILL.md uses 'uv sync' / 'uv run'). The presence of code to call predict.fun REST endpoints, manage orders, and handle private-key-based signing is expected for this purpose.
Instruction Scope
The runtime instructions and code legitimately read environment variables and a local .env file and make network calls to predict.fun (and optionally OpenRouter for hedge analysis). However, PredictClaw delegates advanced vault control-plane work to a user-configurable command (ERC_MANDATED_MCP_COMMAND, default 'erc-mandated-mcp') — the skill will invoke whatever launcher you configure. That launcher can execute arbitrary local actions: ensure the command you point at is trustworthy. Otherwise, instructions stay within the stated domain and do not, by default, send data to unknown endpoints.
Install Mechanism
Install uses a single brew formula 'uv' (low-risk, traceable). There are no downloads from arbitrary URLs or extract steps in the manifest. The code is packaged as a Python project; install instructions rely on uv rather than pulling unknown binaries.
Credentials
The SKILL metadata intentionally lists only two universal env vars (PREDICT_ENV, PREDICT_WALLET_MODE) while many other sensitive env vars (PREDICT_PRIVATE_KEY, PREDICT_PRIVY_PRIVATE_KEY, ERC_MANDATED_* keys, OPENROUTER_API_KEY, etc.) are mode-specific. This is explained in SKILL.md, but it means the manifest's minimal env list can underrepresent the sensitive configuration the code accepts. Providing private keys or vault credentials is required for signer-backed modes and is therefore proportionate to the feature set — but you should only supply those secrets if you trust the skill and host.
Persistence & Privilege
always:false (not force-included) and disable-model-invocation:false (normal) — the skill doesn't request elevated platform presence. It does not modify other skills' configs or request system-wide privileges. Note: because the skill can be invoked autonomously (default platform behavior), combining autonomous invocation with provided private keys would increase risk — treat signer-backed modes cautiously.
Assessment
This skill appears to implement the CLI it claims. Key things to check before installing or enabling signer-backed modes: 1) Prefer trying read-only mode first (PREDICT_WALLET_MODE=read-only) to validate market/browse functionality without providing secrets. 2) If you enable eoa/predict-account/mandated-vault modes you must supply private keys or vault credentials — only do this if you trust the skill and the host. 3) ERC_MANDATED_MCP_COMMAND is a user-configurable local command the skill will execute for vault operations; verify that command is a trusted binary/script (it can execute arbitrary local actions). 4) Optional hedge analysis may call OpenRouter if you set OPENROUTER_API_KEY — only enable that if you trust the external LLM provider. 5) If you want extra assurance, review the included source (many Python modules are present) or run the skill in an isolated environment/container before using real keys or mainnet endpoints.Like a lobster shell, security has layers — review code before you run it.
latestvk972wjrbyz9erqdgd6f2bs8v858387se
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
Runtime requirements
🔮 Clawdis
Binsuv
EnvPREDICT_ENV, PREDICT_WALLET_MODE
Install
Install uv (brew)
Bins: uv
brew install uv