@1247/trade-simulator
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a behavioral market simulation using a multi-agent framework. It interacts with well-known LLM services (OpenRouter) using standard libraries (openai, httpx, requests). Networking is handled through established proxy patterns and SSL verification protocols. No evidence of malicious command execution, persistence, or sensitive file access was found.\n- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection because it incorporates external data into agent reasoning processes.\n
- Ingestion points: Live market data (Open Interest, Funding, Liquidations) and user-provided scenarios are ingested through scripts/mirofish_engine.py and scripts/simulate.py.\n
- Boundary markers: Absent; the skill interpolates untrusted market data directly into agent persona prompts using f-strings.\n
- Capability inventory: The skill's capabilities are restricted to generating simulation results and analysis reports. There are no functions for writing to the file system, spawning subprocesses, or performing unauthorized network operations.\n
- Sanitization: No sanitization or validation logic is applied to the ingested market data or scenario descriptions prior to prompt construction.
Audit Metadata