pipes-template-dex-swaps
Warn
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The documentation (SKILL.md) recommends installing and executing the `@iankressin/pipes-cli` package via `npx`. This package is maintained by an unverified individual author rather than a trusted organization, posing a risk of supply chain attacks or malicious code execution during the initialization of the indexer.
- [COMMAND_EXECUTION] (MEDIUM): The skill uses the `Mustache` library in `transformer.ts` to dynamically generate TypeScript source code based on configuration parameters. This pattern of runtime code generation increases the attack surface for code injection if the input parameters (like `protocolName` or `contractAddresses`) are sourced from untrusted or user-provided configuration files.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection as it processes untrusted blockchain event data.
  - Ingestion points: Blockchain events (Swap events) are ingested via the `evmDecoder` in `transformer.ts`.
  - Boundary markers: There are no explicit instructions or delimiters used to prevent the agent from misinterpreting data within event logs as instructions.
  - Capability inventory: The system is configured to write processed data to PostgreSQL and ClickHouse databases, providing a persistence vector for external data.
  - Sanitization: While basic type casting (e.g., `Number()`) occurs in the transformer, there is no validation for malicious content within transaction-related strings such as sender or recipient addresses.
Audit Metadata