mantis-strategy
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates within its stated purpose of scanning market data and generating trading signals. No suspicious or undocumented capabilities were identified.
- [COMMAND_EXECUTION]: In
scripts/mantis_config.py, themcporter_callfunction utilizessubprocess.runto invoke the platform's tool proxy (mcporter). This is a legitimate and controlled mechanism for the agent to access platform tools. Arguments are passed as a list to prevent shell injection vulnerabilities. - [DATA_EXFILTRATION]: Analysis confirms that no sensitive data (such as wallet addresses or private keys) is sent to external or unauthorized domains. All telemetry and trade logs are maintained within the local workspace directory.
- [EXTERNAL_DOWNLOADS]: All external URLs point to the official GitHub organization and domain of the vendor (Senpi-ai), which are recognized as trusted resources for this skill.
Audit Metadata