mamba
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/mamba_config.pyusessubprocess.runto call the platform'smcporterCLI utility. The implementation correctly uses list-based arguments to prevent shell injection, and the command is limited to authorized platform functions. - [DATA_STORAGE]: The skill manages internal state (such as trade counters and asset cooldowns) by writing to the authorized workspace path at
/data/workspace/skills/mamba-strategy/state/. This is standard for persistence in this environment. - [PROMPT_INJECTION]: The
SKILL.mdfile contains instructions regarding trading logic, leverage caps, and asset filtering. No patterns attempting to bypass agent safety filters or extract system prompts were observed. - [EXTERNAL_ACCESS]: Network interactions are handled via calls to the
mcportertool, which acts as a gateway for market data and exchange operations. No direct network requests or external code downloads from unknown sources are present.
Audit Metadata