trading-kalshi
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [No Code] (SAFE): The skill consists solely of a markdown manifest (SKILL.md). No implementation scripts (Python, JavaScript, or Shell) were provided for analysis.
- [Data Exposure] (LOW): The skill requires Kalshi private keys (PEM) for authentication. While standard for trading functionality, the requirement for private key paths or content represents a sensitive data handling surface.
- [Indirect Prompt Injection] (LOW): 1. Ingestion points: Market names, search results, and event descriptions from the Kalshi API (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: Financial trading (buy/sell), balance retrieval, and order cancellation (SKILL.md). 4. Sanitization: Not verifiable without the underlying implementation code.
Audit Metadata