ox-strategy
Pass
Audited by Gen Agent Trust Hub on Jun 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The strategy's installation process retrieves scripts and configuration files from the author's official GitHub repository (github.com/Senpi-ai/senpi-skills). These downloads are necessary for the skill's operation and originate from the author's own code hosting.
- [COMMAND_EXECUTION]: The skill is intended to run as a persistent background process. The provided setup instructions utilize standard process management commands (nohup, setsid) to ensure the trading daemon remains active after the terminal session ends.
- [DATA_EXFILTRATION]: The skill communicates with the Senpi platform API via the SenpiClient wrapper to exchange trading data and signals. This network activity is restricted to authorized platform endpoints using the operator's environment variables.
- [PROMPT_INJECTION]: The runtime configuration includes specific instructions for the LLM acting as a decision gate. These instructions reinforce the strategy's logic, such as enforcing LONG-only positions and copying signal parameters exactly, rather than attempting to bypass safety protocols.
Audit Metadata