Skills
skills/senpi-ai/senpi-skills/condor-strategy/Gen Agent Trust Hub

condor-strategy

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads its runtime configuration (runtime.yaml), strategy logic (condor-scanner.py), and utility scripts (condor_config.py) from the vendor's GitHub repository at github.com/Senpi-ai/senpi-skills during the installation process.
  • [REMOTE_CODE_EXECUTION]: The installation process involves downloading and executing Python scripts and a YAML configuration, which is the intended operational model for this trading skill.
  • [COMMAND_EXECUTION]: The script uses subprocess.run to call the mcporter CLI tool, which handles communications with the Hyperliquid exchange for fetching data and placing trades.
  • [DATA_EXPOSURE]: In scripts/condor_config.py, the SKILL_DIR variable is hardcoded to mantis-strategy, which contradicts the skill's name (condor-strategy) and the installation path provided in SKILL.md. This results in the skill reading from and writing to the directory of a different strategy, potentially leading to state collision.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted external market data.
  • Ingestion points: Data enters the agent context through market_list_instruments and leaderboard_get_markets calls in condor-scanner.py.
  • Boundary markers: None (data is processed as structured JSON, not natural language prompts).
  • Capability inventory: Subprocess execution (subprocess.run) and file system writes (atomic_write) are available to the script.
  • Sanitization: The script uses json.loads for parsing and enforces numeric types via safe_float, which prevents the data from being interpreted as executable instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 10:52 AM