stag-strategy

Pass

Audited by Gen Agent Trust Hub on Jun 28, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses a Python script (scripts/stag-producer.py) to run a long-lived daemon for market monitoring and signal generation. This is a functional requirement for the strategy's automated operation.
  • [EXTERNAL_DOWNLOADS]: The README documentation provides instructions for downloading strategy components from the author's official GitHub repository (Senpi-ai/senpi-skills). These are legitimate vendor-owned resources.
  • [DATA_EXFILTRATION]: The SenpiClient wrapper in scripts/stag_config.py is used to push signal data to the vendor's API. This telemetry is consistent with the strategy's design within the Senpi ecosystem.
  • [PROMPT_INJECTION]: The runtime.yaml file contains an LLM decision prompt with strict formatting rules and hard skip conditions to prevent the agent from acting on invalid or malicious data processed during market analysis.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 28, 2026, 08:48 PM
Security Audit — agent-trust-hub — stag-strategy