kalshi-trading
Warn
Audited by Socket on Mar 4, 2026
1 alert found:
Security (MEDIUM): SKILL.md
This skill document is consistent with its stated purpose: operating the kalshi-cli to interact with Kalshi prediction markets. I found no indicators of supply-chain malware, credential exfiltration to third-party domains, or obfuscated/hidden malicious behavior. The primary security considerations are operational: credential exposure risks from passing PEM via environment variables or command-line flags, and automation patterns (--yes, batch-create, --prod) that could cause unintended real-money trades if misused. Follow the documented mitigations (use demo mode, store credentials securely in OS keyring, confirm before using --prod, avoid exposing private keys in logs or CI) to reduce risk.
Confidence: 80%
Severity: 75%