senpi-getting-started-guide

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell scripts to initialize and maintain a local state file located at ~/.config/senpi/state.json. It utilizes node -p to parse and extract values from this JSON file. This behavior is found in SKILL.md and references/next-steps.md.
  • [EXTERNAL_DOWNLOADS]: The documentation in SKILL.md provides installation instructions that fetch the skill's source files directly from the author's official GitHub repository at Senpi-ai/senpi-skills.
  • [PROMPT_INJECTION]: The skill processes data fetched from external MCP tools and interpolates this into user-facing templates, creating a surface for indirect prompt injection.
    • Ingestion points: Data enters the system via MCP tool outputs (e.g., discovery_get_top_traders) as described in references/discovery-guide.md and the local state.json file in SKILL.md.
    • Boundary markers: No explicit delimiters or "ignore instructions" warnings are used to separate external data from the agent's core instructions when displaying content to the user.
    • Capability inventory: The skill has the capability to execute financial trades (creating and closing mirror strategies) via the Senpi MCP tools documented in references/strategy-management.md and can perform file-write operations to the local file system.
    • Sanitization: The skill does not describe specific sanitization, escaping, or validation routines for data received from the MCP server before it is processed and presented.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 10:35 PM