Skills
skills/senpi-ai/senpi-skills/kestrel-strategy/Gen Agent Trust Hub

kestrel-strategy

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/kestrel_config.py utilizes subprocess.run to invoke the mcporter command-line utility. This is the platform's standard method for executing trading tools and fetching market data. The implementation uses a structured list of arguments, which prevents shell injection vulnerabilities.
  • [SAFE]: The skill uses environment variables (KESTREL_WALLET, KESTREL_STRATEGY_ID) and configuration files for sensitive identifiers, which is consistent with the platform's security best practices.
  • [SAFE]: All external references and source links point to the vendor's (Senpi-ai) official GitHub repositories and domains, representing normal vendor functionality.
Audit Metadata
Risk Level
SAFE
Analyzed
May 15, 2026, 10:51 AM