sailfish-strategy

Pass

Audited by Gen Agent Trust Hub on Jun 28, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installation instructions retrieve core components including scripts, configuration files, and the trading runtime from the vendor's official GitHub repository at github.com/Senpi-ai/senpi-skills.
  • [COMMAND_EXECUTION]: The strategy relies on a background Python daemon (sailfish-producer.py) to perform market scanning and signal generation. This is a standard operational pattern for long-lived trading agents.
  • [DATA_EXFILTRATION]: Market signals and strategy state are transmitted to the vendor's API (senpi.ai) via the authenticated SenpiClient for order execution and strategy tracking, which is the intended primary function of the skill.
  • [PROMPT_INJECTION]: The runtime configuration includes an LLM decision gate that interpolates signal data. This potential indirect injection surface is mitigated by strict JSON output formatting rules and hardcoded logic gates that validate asset names and leverage levels before execution.
  • Ingestion points: runtime.yaml interpolates {{signal_sailfish_signals}} into the LLM decision prompt.
  • Boundary markers: The prompt uses clear section headers but lacks character-based delimiters for the interpolated signal data.
  • Capability inventory: The agent is authorized to perform OPEN_POSITION actions through the sailfish_entry task.
  • Sanitization: The producer script (sailfish-producer.py) forces numeric types for scores and percentages and uses a fixed whitelist for asset selection, limiting the influence of external data.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 28, 2026, 08:48 PM
Security Audit — agent-trust-hub — sailfish-strategy