egret-strategy

Pass

Audited by Gen Agent Trust Hub on Jun 28, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security risks were identified.
  • [EXTERNAL_DOWNLOADS]: The skill fetches strategy components and runtime dependencies from the vendor's official GitHub repository (Senpi-ai/senpi-skills). This is a standard procedure for deploying the strategy and originates from a trusted source.
  • [COMMAND_EXECUTION]: Employs standard shell commands (nohup, disown) to ensure the signal producer continues running in the background. This is expected behavior for a long-lived trading daemon.
  • [DATA_EXFILTRATION]: Performs network operations solely for interacting with the Hyperliquid exchange (via MCP tools) and the vendor's signal endpoint. No unauthorized data transmission to external domains was detected.
  • [CREDENTIALS_UNSAFE]: Accesses environment variables for the wallet address and authentication token. This follows standard security practices for managing sensitive configuration outside of the codebase, using placeholders like YOUR_API_KEY_HERE for user setup.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 28, 2026, 08:48 PM
Security Audit — agent-trust-hub — egret-strategy