wolf-strategy
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface identified through the skill's reliance on external market signals to trigger automated financial transactions.
- Ingestion points:
scripts/emerging-movers.pyandscripts/sm-flip-check.pyingest market concentration data and trader sentiment from Hyperliquid via theleaderboard_get_marketsMCP tool. - Boundary markers: The skill does not implement delimiters or secondary validation to distinguish between legitimate market trends and artificial data manipulation (e.g., wash trading or metadata spoofing) intended to trigger the bot's 'FIRST_JUMP' entry logic.
- Capability inventory: The system possesses significant financial capabilities, including opening and closing leveraged positions via
scripts/open-position.pyand thecreate_positionMCP tool. - Sanitization: While the skill applies quantitative filters (such as rank history and contribution velocity), it lacks security-focused sanitization to prevent the automated execution of malicious trades triggered by data poisoning.
Audit Metadata