dflow-kalshi-trading

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to ask the user for a DFlow API key and to include an x-api-key on HTTP requests (and to generate scripts that use that key), which can force the LLM to emit the secret verbatim in commands or code—creating a direct exfiltration risk.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a trading integration for Kalshi prediction markets via DFlow. It provides concrete, finance-specific operations: placing market orders (buy/sell/redeem), submitting /order calls, signing and submitting transactions (CLI or wallet-based API), polling order status, and handling settlement mints/rails. It also documents sponsorship options that pay transaction/initialization fees and describes passing API keys and wallet public keys. Those are explicit crypto/blockchain market-execution capabilities (wallet signing, transaction submission, market orders), not generic tooling. Therefore it grants direct financial execution authority.