senpi-trading-runtime
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill manages background trading processes ("daemons") using a dedicated process-control module (
senpi_runtime_helpers/manage.py) that leveragessubprocess.Popento relaunch worker scripts. This is a core feature enabling the automated trading functionality to persist independently of the agent session. - [COMMAND_EXECUTION]: The bundled
senpi-helpersoperator CLI usessubprocess.runto invoke thepgrepsystem utility. This is used solely for process discovery to support environment variable inheritance for the trading daemons. - [DATA_EXPOSURE]: The runtime state management system implemented in
senpi_runtime_helpers/state.pyincludes a proactive security filter (_SENSITIVE_KEYS) that scrubs sensitive credentials, such asSENPI_AUTH_TOKENandANTHROPIC_API_KEY, from environment snapshots before they are written to disk. This prevents accidental exposure of secrets in debug logs or state files.
Audit Metadata