bison-strategy

Warn

Audited by Socket on May 18, 2026

1 alert found:

Security
SecurityMEDIUM
SKILL.md

SUSPICIOUS. The skill’s capabilities broadly match its stated purpose as a crypto trading strategy, so this is not confirmed malware. However, it enables autonomous live trading with real financial impact and relies on privately distributed Senpi runtime/helper components whose provenance is not independently verifiable from public package sources, creating high security risk despite limited evidence of outright credential theft or exfiltration.

Confidence: 81%Severity: 78%
Audit Metadata
Analyzed At
May 18, 2026, 05:09 PM
Package URL
pkg:socket/skills-sh/Senpi-ai%2Fsenpi-skills%2Fbison-strategy%2F@317bc32d41842d614077ff237a73937eb2b54c63
Security Audit — socket — bison-strategy