spider-strategy

Warn

Audited by Snyk on Apr 26, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.80). The skill's runtime (scripts/spider-scanner.py and spider_config.py) calls mcporter tools such as discovery_get_top_traders, leaderboard_get_trader_positions, and leaderboard_get_markets to ingest public, user-generated trader positions and market velocity from the platform. That live third-party data directly drives scoring and automated create_position actions, so untrusted content can materially influence the skill's behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly a trading execution strategy: it auto-enters positions ("Enter highest-scoring convergence above threshold"); enforces leverage, max positions, entries/day, and cooldown limits; and references a wallet in runtime/config (runtime.yaml, config/spider-config.json) together with runtime commands (openclaw senpi runtime create/status) and a trading runtime plugin. These elements indicate it is specifically designed to place market/margin trades and operate a wallet, not a generic tool, so it provides direct financial execution capability.

MEDIUM W013: Attempt to modify system services in skill instructions.

  • Attempt to modify system services in skill instructions detected (medium risk: 0.60). The prompt instructs the agent to modify files under /data/workspace, replace values in runtime.yaml, run installation commands (openclaw senpi runtime create), and create a recurring scanner cron job. These actions change the host's filesystem and scheduled tasks (stateful changes), though the prompt does not request sudo or explicit privilege escalation.

Issues (3)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

W009 (MEDIUM): Direct money access capability detected (payment gateways, crypto, banking).

W013 (MEDIUM): Attempt to modify system services in skill instructions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 26, 2026, 05:44 AM
Issues: 3