falcon-strategy

Warn

Audited by Snyk on Jun 28, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.75). Runtime LLM context is built from runtime.yaml action falcon_entry where decision_prompt includes {{signal_falcon_signals}}; that signal is produced by the outsider-authored data fetched at runtime via MCP tools like market_list_instruments(dex="xyz"), market_get_asset_data, and leaderboard_get_markets, whose returned fields are inserted into the prompt as free-form JSON.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly a trading strategy designed to execute market activity on an exchange ("xyz"). It references market APIs (market_list_instruments, market_get_asset_data), describes execution behavior ("taker-true entry", "Producer enters", "No close_position call site", DSL entry/exit presets, ladder/taker/maker trade mechanics) and is explicitly intended to open and manage positions around an IPOP→STANDARD conversion event. This is a specific market-order trading capability (buy/sell/execution of financial instruments), which meets the "Market Orders" criterion for Direct Financial Execution.

Issues (2)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W009
MEDIUM

Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 28, 2026, 08:48 PM
Issues
2
Security Audit — snyk — falcon-strategy