falcon-strategy
Warn
Audited by Snyk on Jun 28, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.75). Runtime LLM context is built from
runtime.yamlactionfalcon_entrywheredecision_promptincludes{{signal_falcon_signals}}; that signal is produced by the outsider-authored data fetched at runtime via MCP tools likemarket_list_instruments(dex="xyz"),market_get_asset_data, andleaderboard_get_markets, whose returned fields are inserted into the prompt as free-form JSON.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill is explicitly a trading strategy designed to execute market activity on an exchange ("xyz"). It references market APIs (market_list_instruments, market_get_asset_data), describes execution behavior ("taker-true entry", "Producer enters", "No close_position call site", DSL entry/exit presets, ladder/taker/maker trade mechanics) and is explicitly intended to open and manage positions around an IPOP→STANDARD conversion event. This is a specific market-order trading capability (buy/sell/execution of financial instruments), which meets the "Market Orders" criterion for Direct Financial Execution.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W009
MEDIUMDirect money access capability detected (payment gateways, crypto, banking).
Audit Metadata