sentinel-strategy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The scanner (scripts/sentinel-scanner.py) makes mcporter_call requests to discovery_get_top_traders, discovery_get_trader_state, and leaderboard_get_markets to ingest other users' trader metadata and leaderboard/market positioning (user-generated/untrusted content) and directly uses that data to score signals and call create_position, so third‑party content can materially influence actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a trading strategy designed to open market positions. It references wallet configuration (runtime.yaml, config/sentinel-config.json with "Wallet"), runtime installation/commands (openclaw senpi runtime create/status), a DSL plugin for trading, and operational rules about entries/positions (MAX 2 POSITIONS, MAX 4 ENTRIES PER DAY, "enter" on trader convergence). These are specific, finance-focused controls and tooling for executing trades and managing a trading budget, not generic automation — therefore it grants direct financial execution capability.