barracuda-strategy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The scanner (scripts/barracuda-scanner.py) calls mcporter_call to fetch public market and SM/Hyperfeed data (e.g., "leaderboard_get_markets", "market_list_instruments", "market_get_asset_data"), and that untrusted/user-generated third-party content is directly read and used (sm_aligned, funding persistence, trend checks) to make gating and trading decisions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a trading automation strategy for crypto derivatives: it describes entering positions to "collect funding", enforces leverage and entry/exit rules, and specifies "Position OPENED" / "Position CLOSED" notifications and expected trade frequency. Those elements show the skill's primary purpose is to execute market trades (open/close positions), i.e., direct financial execution (market orders), even if specific exchange APIs aren't named. This meets the criteria for Direct Financial Execution.