dapp-kalshi

Fail

Audited by Snyk on Mar 15, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill directly queries Kalshi's public APIs (demo-api.kalshi.co / api.elections.kalshi.com and the plugin-store kalshi search/markets/event/price/book/history commands shown in SKILL.md) and ingests market titles, event data, prices and orderbooks from that third-party site which the agent then uses to make trading decisions, so untrusted external content could indirectly influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill explicitly includes trading commands that place real-money orders on Kalshi (e.g., plugin-store kalshi buy/sell/cancel/orders/positions/balance), requires Kalshi API credentials, distinguishes demo vs prod (with --env prod for real trades), and instructs confirming and executing production orders. This is a specific market-order / trading integration intended to move real USD funds (not a generic HTTP or browser tool), so it provides direct financial execution capability.

Issues (4)

CRITICAL E005: Suspicious download URL detected in skill instructions.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata

Risk Level: CRITICAL
Analyzed: Mar 15, 2026, 03:47 AM
Issues: 4