falcon-strategy

Pass

Audited by Gen Agent Trust Hub on Jun 28, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The installation instructions in README.md fetch strategy scripts from the vendor's official GitHub repository (Senpi-ai). This is a legitimate configuration step and targets a trusted source associated with the skill author.
  • [DATA_EXFILTRATION]: The skill uses the SENPI_AUTH_TOKEN and wallet addresses to facilitate trading via the platform's API. Data transmission is limited to the push_signal functionality of the provided client, which is part of the intended operation and does not target unauthorized external endpoints.
  • [COMMAND_EXECUTION]: The strategy implements state persistence by writing and reading JSON files in the local /state directory. This is used for tracking market instrument classifications over time to detect regime changes and does not involve executing arbitrary system commands or unauthorized file access.
  • [PROMPT_INJECTION]: The skill includes a decision prompt for the LLM that mandates strict adherence to producer signals and includes 'HARD SKIP CONDITIONS'. While the agent processes market data which represents a surface for indirect injection, the prompt contains robust boundary rules and validation logic to ensure the LLM acts as a pass-through gate.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 28, 2026, 08:48 PM
Security Audit — agent-trust-hub — falcon-strategy