vixen-strategy

Warn

Audited by Snyk on Mar 14, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches open market data via mcporter_call("leaderboard_get_markets") and mcporter_call("market_get_asset_data") (see scripts/vixen-scanner.py and SKILL.md referencing Hyperliquid), parses those third-party, untrusted market/token fields, and uses them to decide on and trigger trading signals, so external content can directly influence agent actions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly a trading strategy designed to open, manage, and close market positions. It mandates an execution agent that "picks the best available signal" and includes concrete behavior around "Position OPENED" and "Position CLOSED", DSL High Water Mode (trailing stops, Phase 1/Phase 2 exit rules), trade frequency and risk limits, per-asset cooldowns, and scripts for a scanner and DSL routines. Its primary and explicit purpose is to execute market trades (open/close positions and manage orders), so it provides direct financial execution capability even though specific exchange APIs are not named.


Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 14, 2026, 12:55 AM
Issues: 2