grizzly-strategy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's scanner (scripts/grizzly-scanner.py) directly calls mcporter_call("market_get_asset_data") and mcporter_call("leaderboard_get_markets") (via grizzly_config.py) to ingest public market candles/funding and leaderboard/smart‑money data and then uses that data to build trading theses and drive entry/exit decisions, meaning untrusted third‑party content can materially influence actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a trading agent for BTC: it defines entry/exit rules, leverage and margin sizing, position limits, and automated scanning that "opens" and "closes" BTC positions (including DSL High Water trailing-stop behavior). It mandates automated crons to evaluate and execute trades, and notification policy only for position OPENED/CLOSED — all indicating direct market-order execution capability rather than a generic tool. This is a specific financial execution skill (crypto trading/market orders), not a generic interface.