dog-strategy

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The installation instructions explicitly curl remote scripts from raw.githubusercontent.com (e.g. https://raw.githubusercontent.com/Senpi-ai/senpi-skills/main/dog/scripts/dog-scanner.py and related raw.githubusercontent.com URLs) and then instruct running python3 on the fetched code, meaning remote content would be fetched and executed as a required dependency for the skill.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a self-executing crypto trading strategy. It describes opening leveraged positions ("Fire the FADE — open OPPOSITE direction at 7x or 10x leverage with FEE_OPTIMIZED_LIMIT"), enforces trading guardrails ("MAX 1 POSITION", "MAX 3 ENTRIES PER DAY"), and states "Self-executing via create_position". The setup requires a wallet/strategy ID and references environment variables and runtime config for a strategy wallet, indicating direct access to trading/wallet execution. It is specifically designed to place market orders on crypto assets, not a generic tool, so it grants Direct Financial Execution Authority.