roach-strategy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The scanner code calls mcporter_call("leaderboard_get_markets") and market_get_asset_data (scripts/roach-scanner.py and roach_config.py) to ingest live market/leaderboard data from external/public sources and SKILL.md explicitly states the scanner output is authoritative and drives create_position/entry decisions, so untrusted third‑party content is read and directly influences agent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a trading strategy with built-in commands and configuration to open and manage live positions. It requires setting a strategy wallet address in runtime.yaml, references on-chain position detection ("position_tracker scanner auto-detects position opens/closes on-chain"), and the entry flow includes an explicit create_position call and checks of exchange/clearinghouse state and leverage. It also uses CLI tooling (openclaw senpi dsl positions / inspect, openclaw senpi runtime create) and a plugin runtime that applies DSL exits/trailing stops. These are specific, purpose-built financial execution actions (opening/monitoring/closing market positions and interacting with a strategy wallet), not generic tooling. Therefore it grants direct financial execution authority.