vulture-strategy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The required runtime setup fetches files from raw.githubusercontent.com and the scanner (scripts/vulture-scanner.py) calls public-facing tools like leaderboard_get_markets and market_get_funding_history to ingest market/leaderboard data which the agent programmatically reads and uses to drive trading entries, so public/untrusted third‑party content can materially influence its actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill's runtime install explicitly curls remote code from raw GitHub URLs (e.g. https://raw.githubusercontent.com/Senpi-ai/senpi-skills/main/vulture/scripts/vulture-scanner.py) and the fetched Python script is then run by the scanner cron (python3 .../vulture-scanner.py), so external content is fetched at setup and directly executed/controls the agent's behavior.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a crypto trading strategy: it targets perp markets (small/mid-cap tokens), specifies leverage, margin per position, max positions, hard stop drawdown, and detailed entry/exit rules. The runtime setup requires inserting a STRATEGY_WALLET_ADDRESS into runtime.yaml and installing a trading runtime (openclaw senpi runtime create) plus running scripts (vulture-scanner.py) on a cron. These elements indicate direct execution of market orders against crypto assets and use of a wallet for trading, not a generic tool. Therefore it grants direct financial execution capability.