indigo-ipfs
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The
retrieve_from_ipfstool enables the ingestion of untrusted text content from the IPFS network, which could contain malicious instructions designed to manipulate the agent's behavior. - Ingestion points: Data retrieved using the
retrieve_from_ipfstool as defined inSKILL.mdandsub-skills/ipfs-storage.md. - Boundary markers: The skill lacks instructions to delineate retrieved content or to ignore any embedded directives.
- Capability inventory: Includes IPFS content storage and retrieval, and querying of protocol collector UTXOs.
- Sanitization: No validation or sanitization of content fetched from IPFS is performed before the agent processes it.
Audit Metadata