owl-strategy

Warn

Audited by Snyk on Mar 13, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The scanner (scripts/owl-scanner.py) calls cfg.mcporter_call to fetch live market and leaderboard data from external sources—e.g., "market_list_instruments", "leaderboard_get_markets", and "market_get_asset_data"—and directly parses those public/untrusted data feeds to score exhaustion/crowding and decide trade entries, so third‑party content can materially influence actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly a trading strategy whose primary purpose is to enter and manage market positions: it defines entry rules ("enters AGAINST the crowd"), entry frequency ("1-2 trades per day"), position limits, ROE targets, DSL trailing-stop behavior, re-crowding exits, and cron jobs for a scanner and DSL executor. It references scripts and config files (owl-scanner.py, DSL High Water Mode, scanner and DSL crons) that imply automated order placement and stop management. This is a specific financial-execution capability (market orders/position management), not a generic tool, so it meets the "Direct Financial Execution" criteria.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 13, 2026, 04:21 PM
Issues: 2