bald-eagle
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes data from external sources like the Hyperliquid leaderboard (trader tags, asset names, momentum events). This represents an indirect prompt injection surface where a malicious actor on the exchange could attempt to influence agent behavior through crafted metadata.
- Ingestion points:
scripts/bald-eagle-scanner.pyretrieves data usingmcporter_callfor markets, top traders, and momentum events. - Boundary markers: Findings are output as structured JSON, but string-based data from the exchange (e.g., trader tags) is not explicitly delimited to prevent the agent from interpreting the content as instructions.
- Capability inventory: The skill has the capability to initiate trades, set leverage, and manage risk parameters based on the scanner's output.
- Sanitization: Numerical data is sanitized via
safe_floatandsafe_int, but string-based metadata lacks explicit sanitization against potential injection patterns. - [EXTERNAL_DOWNLOADS]:
scripts/bald_eagle_config.pyimplements a fallback mechanism for MCP tool calls using therequestslibrary. This mechanism sends data to an API base defined in environment variables, which is consistent with the vendor's (Senpi-ai) infrastructure for skill execution.
Audit Metadata