Skills
skills/flux-point-studios/cardano-agent-skills/cardano-mcp-transactions/Gen Agent Trust Hub

cardano-mcp-transactions

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted binary data (CBOR hex) provided by external sources or users.
  • Ingestion points: The submit_transaction tool accepts a cbor string which can be sourced from untrusted dApp APIs or external files.
  • Boundary markers: The skill establishes manual boundaries by requiring a "Transaction Preview" (Rule 1) and a confirmation step (Rule 2), although these are instructions for the agent rather than programmatic enforcement.
  • Capability inventory: The skill possesses the capability to broadcast transactions to the blockchain via submit_transaction, which is a high-impact write operation involving financial assets.
  • Sanitization: There is no automatic validation or sanitization of the CBOR content; the skill relies on the agent's ability to decode and summarize the data accurately before the user approves it.
  • [EXTERNAL_DOWNLOADS]: The skill provides an informative reference to an external GitHub repository for the Cardano MCP server (https://github.com/IndigoProtocol/cardano-mcp). This is documented as a reference link and does not involve automated script execution or unverified binary downloads during the skill's runtime.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 09:48 AM