saas-short-trader

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches market and sentiment data from various external publishers including Alpaca, SEC Filings (via SerenDB), Google Trends, and Perplexity/Exa.
  • [COMMAND_EXECUTION]: Provides detailed instructions for setting up a local trigger server (run_agent_server.py) and configuring cron jobs on the Seren platform. These operations involve shell commands and Python script execution.
  • [DATA_EXFILTRATION]: Persists trading strategy results, PnL tracking data, and self-learning artifacts to a remote SerenDB instance. This is a core part of the skill's documented functionality for cross-session persistence.
  • [CREDENTIALS_UNSAFE]: The skill manages a SEREN_API_KEY used for authenticating with the Seren platform and Alpaca. It provides instructions for secure management via environment variables and .env files, and includes a registration step via an official API endpoint.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted external data from SEC filings and news summaries. However, it processes this data using deterministic keyword scoring and numerical clamping in strategy_engine.py rather than passing raw text back to the agent for instruction following.
    • Ingestion points: strategy_engine.py (SEC filings, Google Trends, News/Perplexity).
    • Boundary markers: Uses structured SQL queries and JSON responses for data retrieval.
    • Capability inventory: Network requests via requests and urllib, SQL execution via MCP and psycopg.
    • Sanitization: Numerical extraction and keyword counting with clamping are used to generate stock scores.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 4, 2026, 08:19 PM