Back to plugin

Security audit

Prediction Market Data Zh

Security checks across malware telemetry and agentic risk

Overview

The package and its runtime instructions are internally consistent: it ships a Python client that queries AIsa's API and requires only an AISA_API_KEY and python3, which matches the skill's stated purpose.

This skill is coherent: it runs a bundled Python client that queries AIsa's API and requires an AISA_API_KEY. Before installing, confirm you trust the AIsa service (api.aisa.one) because your API key and queries will be sent there. Review the included Python script if you want to verify exactly what fields are sent or logged. Because no other credentials or system paths are requested and there are no remote install steps, the main risk is exposure of the AISA_API_KEY and any data you send to that third party — treat the key like any API secret (limit its permissions if possible, rotate/revoke if compromised).

VirusTotal

No VirusTotal findings

View on VirusTotal

Static analysis

No suspicious patterns detected.