indigo-cdp
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill identifies a dependency on the
@indigoprotocol/indigo-mcpserver. This is a legitimate resource provided by the skill author for interacting with the Indigo Protocol. - [PROMPT_INJECTION]: The skill implements an interface for processing external, untrusted data which presents a surface for indirect prompt injection.
- Ingestion points: User-provided Cardano bech32 addresses and transaction hashes are ingested through parameters in files like
sub-skills/cdp-basics.mdandsub-skills/cdp-health.md. - Boundary markers: The documentation does not specify the use of clear delimiters or instructions to ignore embedded commands within the ingested data.
- Capability inventory: The skill provides tools for financial operations on the Indigo Protocol, including opening CDPs and minting synthetic assets.
- Sanitization: There is no explicit mention of data sanitization or validation logic within the provided skill markdown files.
- [SAFE]: The skill is designed with a safety-first approach for blockchain interactions. All write operations return unsigned transaction CBOR hex strings, ensuring the agent cannot independently move funds or alter protocol state without the user's explicit signing and submission through a wallet.
Audit Metadata