create-strategy

Pass

Audited by Gen Agent Trust Hub on Jul 7, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill's wrapper script fetches the upbit-strategy-toolkit directly from the vendor's official GitHub repository (upbit-official/upbit-strategy-toolkit) if it is not found in the local environment.
  • [REMOTE_CODE_EXECUTION]: Uses uvx to download and execute the strategy toolkit from the vendor's remote Git repository. This is the intended mechanism for utilizing the official toolset provided by the skill author.
  • [COMMAND_EXECUTION]: Executes a shell script scripts/upbit-strategy-toolkit.sh to perform strategy validation tasks. The script leverages the uv package manager to run the toolkit CLI.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes natural-language trading ideas into structured JSON strategy files. This is addressed by a mandatory human-in-the-loop approval gate and automated schema validation. Evidence:
  • Ingestion points: Natural-language strategy descriptions and revisions in SKILL.md.
  • Boundary markers: Implements a 'design negotiation' phase requiring explicit user approval in 'STEP 2. Explicit Approval Gate' before any files are written.
  • Capability inventory: File write access to {data_root}/strategies/ and execution of validation commands via scripts/upbit-strategy-toolkit.sh.
  • Sanitization: Automatically validates the generated JSON against strict schema constraints and an indicator catalog defined in references/schema.md and references/indicators.md.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 7, 2026, 06:37 AM
Security Audit — agent-trust-hub — create-strategy