meerkat-strategy
Pass
Audited by Gen Agent Trust Hub on Jun 28, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches its scripts and configuration files from the official Senpi-ai GitHub repository (github.com/Senpi-ai/senpi-skills), which is a trusted source for this strategy's components.
- [COMMAND_EXECUTION]: The README provides instructions to run the strategy producer as a background process using standard Linux commands (nohup and disown), fitting for a long-lived trading agent.
- [INDIRECT_PROMPT_INJECTION]: The skill processes external market data. 1. Ingestion points: Market event data from leaderboard_get_momentum_events enters via meerkat-producer.py. 2. Boundary markers: The prompt in runtime.yaml uses a 'SIGNAL:' header but lacks formal isolation delimiters. 3. Capability inventory: The skill performs OPEN_POSITION actions (runtime.yaml). 4. Sanitization: The meerkat-producer.py script applies validation, tier classification, and score thresholds to filter incoming data.
Audit Metadata