wolf-howl

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because the sub-agent processes data from external trade logs and memory files.
    • Ingestion points: Reads from daily memory logs, dsl-state JSON files, and trade history via mcporter.
    • Boundary markers: The analysis prompt in references/analysis-prompt.md lacks delimiters or specific instructions to ignore embedded commands in the processed data.
    • Capability inventory: The sub-agent can write to the filesystem, query financial APIs, and send messages via the Telegram message tool.
    • Sanitization: There is no evidence of data sanitization or validation before interpolation into the sub-agent context.
  • [COMMAND_EXECUTION]: The scripts/howl-setup.py script facilitates the creation of a persistent cron job that executes agent turns on a daily schedule.
  • [DATA_EXFILTRATION]: The skill collects and transmits sensitive account data, including wallet addresses and trade performance metrics, to a remote Telegram chat ID.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 19, 2026, 11:44 PM