condor-strategy

CRITICAL E005: Suspicious download URL detected in skill instructions.

• Suspicious download URL detected (high risk: 0.90). These links point to raw Python scripts and config files in a small/unvetted GitHub repo and a project site, and the provided install instructions explicitly instruct downloading and executing those scripts (via curl + cron/python), which makes them a high-risk vector for malware or backdoors even though the files are on GitHub.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly fetches and ingests public market and "Smart Money" leaderboard data via mcporter_call (e.g., fetch_universe -> market_list_instruments and fetch_sm_map -> leaderboard_get_markets), and the agent uses that untrusted, user-derived content to score signals and autonomously create positions, so third-party content can materially influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The install instructions fetch and later execute remote Python code (e.g. https://raw.githubusercontent.com/Senpi-ai/senpi-skills/main/condor/scripts/condor-scanner.py via curl and then "python3 /data/.../scripts/condor-scanner.py"), so the skill depends on external content that is executed at runtime and thus can directly control agent behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). Yes. The skill is explicitly a crypto trading strategy with automated execution primitives: it configures a strategy wallet (runtime.yaml WALLET_ADDRESS), installs a runtime and a scanner cron that likely places trades (condor-scanner.py), references trading APIs/ops such as strategy_get_asset_trading_limits, margin/leverage settings, position sizing, entry/exit rules, DSL-managed exits, on-chain RatchetStop, and hard caps for leverage and drawdown. These are specific, purpose-built controls for placing market positions and managing funds on (Hyperliquid) crypto markets — i.e., direct financial execution.