sailfish-strategy
Pass
Audited by Gen Agent Trust Hub on Jun 28, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installation instructions retrieve core components including scripts, configuration files, and the trading runtime from the vendor's official GitHub repository at
github.com/Senpi-ai/senpi-skills. - [COMMAND_EXECUTION]: The strategy relies on a background Python daemon (
sailfish-producer.py) to perform market scanning and signal generation. This is a standard operational pattern for long-lived trading agents. - [DATA_EXFILTRATION]: Market signals and strategy state are transmitted to the vendor's API (
senpi.ai) via the authenticatedSenpiClientfor order execution and strategy tracking, which is the intended primary function of the skill. - [PROMPT_INJECTION]: The runtime configuration includes an LLM decision gate that interpolates signal data. This potential indirect injection surface is mitigated by strict JSON output formatting rules and hardcoded logic gates that validate asset names and leverage levels before execution.
- Ingestion points:
runtime.yamlinterpolates{{signal_sailfish_signals}}into the LLM decision prompt. - Boundary markers: The prompt uses clear section headers but lacks character-based delimiters for the interpolated signal data.
- Capability inventory: The agent is authorized to perform
OPEN_POSITIONactions through thesailfish_entrytask. - Sanitization: The producer script (
sailfish-producer.py) forces numeric types for scores and percentages and uses a fixed whitelist for asset selection, limiting the influence of external data.
Audit Metadata