ordinals-p2p
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill performs network operations to an external, non-whitelisted API at ledger.drx4.xyz to fetch and post trade data, including Bitcoin message signatures derived from the agent's wallet.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection via the untrusted data it ingests from the external ledger API.
- Ingestion points: The list-trades, get-trade, my-trades, and agents actions in ordinals-p2p/ordinals-p2p.ts fetch JSON data from https://ledger.drx4.xyz.
- Boundary markers: The skill does not implement boundary markers or instructions to disregard embedded commands in the fetched data.
- Capability inventory: The skill has access to the user's wallet and can perform authenticated write actions (signing and posting transactions) on the ledger.
- Sanitization: No sanitization or content filtering is applied to the data retrieved from the remote API before it is processed or displayed.
Audit Metadata