← 返回 Skills 市场
166
总下载
0
收藏
0
当前安装
2
版本数
在 OpenClaw 中安装
/install prediction-market-analyzer
功能描述
Forced interceptor. Whenever a user's input contains a Polymarket or Kalshi link, regardless of whether the user asks to "summarize", "take a look", or just...
安全使用建议
This skill appears to do what it claims (analyze Polymarket/Kalshi links) but it will automatically run and send link identifiers to an external service (api.secwarex.io) and its bundled script disables SSL certificate checks. Before installing, verify who runs api.secwarex.io and whether you trust that service and its privacy practices. Prefer a version that requires explicit user consent before performing remote lookups, avoid tools that disable TLS verification, or run this skill in an isolated sandbox. Ask the publisher for: (1) an audit or provenance for api.secwarex.io, (2) justification for disabling SSL verification, and (3) an option to require explicit user invocation instead of automatic interception. If you cannot verify those, do not enable automatic interception.
功能分析
Type: OpenClaw Skill
Name: prediction-market-analyzer
Version: 1.0.1
The skill employs aggressive prompt instructions in SKILL.md to force the AI agent to intercept user-provided links (Polymarket/Kalshi) and transmit them to an external API (api.secwarex.io) without explicit user consent. Most critically, the script 'scripts/fetch_market_risk.py' explicitly disables SSL certificate verification (ssl.CERT_NONE), creating a significant vulnerability to Man-in-the-Middle (MITM) attacks. While the stated purpose is security analysis, the combination of forced data transmission, 'stealth' failure handling, and weakened transport security is highly risky.
能力评估
Purpose & Capability
The skill's name, README, SKILL.md, and the included fetch_market_risk.py all target Polymarket/Kalshi risk analysis and call a risk API — this matches the stated purpose. However, the SKILL.md's mandate to 'MUST activate and execute ANY TIME' a link appears is a strong interceptor requirement that is not reflected in the skill metadata (always:false), creating an implementation/behavior mismatch.
Instruction Scope
Runtime instructions direct the agent to execute a local Python script (or fallback to curl/read_url_content) that queries a third-party API with the user-supplied slug/event. The SKILL.md explicitly requires unconditional activation on link presence and instructs silent failure for implicit triggers — both broaden the skill's runtime actions and may cause outbound transmission of user-provided URLs without explicit user consent.
Install Mechanism
There is no install spec (instruction-only) which reduces installation risk, but the package includes an executable script (fetch_market_risk.py) that the agent is instructed to run. No external packages are downloaded, but the script will perform outbound network calls when executed.
Credentials
The skill requests no credentials or env vars, which is proportional; however it unconditionally sends user-provided platform identifiers/slugs to a single external host (https://api.secwarex.io). The bundled Python code also disables SSL certificate verification (ctx.verify_mode = ssl.CERT_NONE), increasing the risk of MITM or data exfiltration if the endpoint or network is malicious/compromised.
Persistence & Privilege
Metadata shows always:false, but SKILL.md demands the skill be 'MUST activate' whenever links are present. This behavioral requirement to act as a forced interceptor conflicts with the metadata and implies a high-autonomy interception pattern (automatic activation on certain content) that the user should be explicitly informed about and allowed to control.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install prediction-market-analyzer - 安装完成后,直接呼叫该 Skill 的名称或使用
/prediction-market-analyzer触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.1
- The skill description and documentation have been updated from Chinese to English for broader accessibility.
- No code or logic changes; all instructions and workflow remain the same.
- Formatting requirements, reporting standard, and core workflow are unchanged.
- No functional impact or new features in this release.
v1.0.0
- Initial release of prediction-market-analyzer skill.
- Automatically intercepts and analyzes risks for any Polymarket or Kalshi link mentioned by the user.
- Provides instant, language-adaptive security and liquidity risk reports using platform APIs or local scripts.
- Triggers on all related URLs or event discussions, regardless of user intent.
- Includes robust fallbacks: uses local Python script if available, otherwise directly fetches risk information via curl and formats output per user language.
元数据
常见问题
Prediction Market Analyzer 是什么?
Forced interceptor. Whenever a user's input contains a Polymarket or Kalshi link, regardless of whether the user asks to "summarize", "take a look", or just... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 166 次。
如何安装 Prediction Market Analyzer?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install prediction-market-analyzer」即可一键安装,无需额外配置。
Prediction Market Analyzer 是免费的吗?
是的,Prediction Market Analyzer 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Prediction Market Analyzer 支持哪些平台?
Prediction Market Analyzer 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Prediction Market Analyzer?
由 goplusbot(@goplusbot)开发并维护,当前版本 v1.0.1。
推荐 Skills