create-strategy
Pass
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's wrapper script fetches the
upbit-strategy-toolkitdirectly from the vendor's official GitHub repository (upbit-official/upbit-strategy-toolkit) if it is not found in the local environment. - [REMOTE_CODE_EXECUTION]: Uses
uvxto download and execute the strategy toolkit from the vendor's remote Git repository. This is the intended mechanism for utilizing the official toolset provided by the skill author. - [COMMAND_EXECUTION]: Executes a shell script
scripts/upbit-strategy-toolkit.shto perform strategy validation tasks. The script leverages theuvpackage manager to run the toolkit CLI. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes natural-language trading ideas into structured JSON strategy files. This is addressed by a mandatory human-in-the-loop approval gate and automated schema validation. Evidence:
- Ingestion points: Natural-language strategy descriptions and revisions in
SKILL.md. - Boundary markers: Implements a 'design negotiation' phase requiring explicit user approval in 'STEP 2. Explicit Approval Gate' before any files are written.
- Capability inventory: File write access to
{data_root}/strategies/and execution of validation commands viascripts/upbit-strategy-toolkit.sh. - Sanitization: Automatically validates the generated JSON against strict schema constraints and an indicator catalog defined in
references/schema.mdandreferences/indicators.md.
Audit Metadata