caracal-strategy
Pass
Audited by Gen Agent Trust Hub on Jun 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATIONREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's installation process involves fetching scripts, configuration files, and runtime specifications from the vendor's official GitHub repository (
https://github.com/Senpi-ai/senpi-skills). These downloads are expected for the skill's setup and originate from a trusted vendor source. - [COMMAND_EXECUTION]: The skill provides standard instructions for running its producer daemon in the background using Linux process management tools like
setsidandnohup. No suspicious or privilege-escalating commands are present. - [PROMPT_INJECTION]: Instructions in
SKILL.mddefine a safety boundary, explicitly prohibiting the AI agent from executing trading commands during interactive user sessions to prevent accidental or unauthorized orders. This is a safety measure to ensure only the automated producer can signal trades. - [DATA_EXFILTRATION]: The skill transmits structured trading signals (including technical scores and market identifiers) to the vendor's MCP infrastructure. This behavior is a core component of the strategy's operation and uses standard environment-based authentication tokens.
- [REMOTE_CODE_EXECUTION]: The Python scripts dynamically load a supporting library (
senpi_runtime_helpers) from the platform's standard local installation directory. This is a routine operation for skills within this execution environment and does not involve untrusted remote code.
Audit Metadata