grizzly-horribilis-strategy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's runtime (scripts/grizzly-scanner.py and SKILL.md) explicitly calls mcporter_call("leaderboard_get_markets") and market_get_asset_data to ingest leaderboard/market metrics (user-generated trader/market data) and the agent directly reads and scores that untrusted, user-generated content to decide create_position actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a trading strategy with built-in trade execution. Evidence:
• "Scanner calls create_position internally (Wolverine pattern)" and "scripts/grizzly-scanner.py | BTC conviction scorer + internal execution" — explicit internal API/function to open positions.
• Cron runs the scanner (python3 grizzly-scanner.py) and "Scanner handles execution internally" — automated runtime execution of trades.
• Runtime/config references a wallet and runtime.yaml ("sed -i 's/${WALLET_ADDRESS}//' ...", config/grizzly-config.json | Wallet, strategy ID) — direct link to an account/wallet used for trading.
• Trading-specific parameters (leverage tiers, margin = 50% of account, ensureExecutionAsTaker, FEE_OPTIMIZED_LIMIT, MAX positions, entry/exit rules, RatchetStop exits) show the primary purpose is to place/manage financial orders.

This is not a generic tool; it is specifically designed to move funds by opening and managing crypto (BTC) positions. Therefore it grants Direct Financial Execution Authority.