You're claiming that SHA1 has been broken, but it hasn't. Have a closer look at what's actually stated at [2].
Edit: from your [1] link I see that the hashing algorithm used in a mgnet link isn't actually fixed, and MD5 is one option. So yeah, I guess you actually can't trust the immutability of a magnet link without checking it's doesn't contain urn:md5 or urn:kzhash.
It has nothing to do with whether the hashing algorithm is "fixed" or not, it has to do with what you're hashing.
The thing being hashed (according to BEP0003) is the bencoded form of the info value from the metainfo file. What's the "info" value? Why it's a list of dictionaries that (are also bencoded) contain:
* pathnames for each file
* the length of each file
* a list of hashes for each chunk of each file
* whatever else you want: the thing is extensible.
If you can introduce whatever you want, you can start with something valid, and introduce invalid chunks until it collides. If you can do this, you can force a collision for around £150k and a month[2].
Edit: from your [1] link I see that the hashing algorithm used in a mgnet link isn't actually fixed, and MD5 is one option. So yeah, I guess you actually can't trust the immutability of a magnet link without checking it's doesn't contain urn:md5 or urn:kzhash.