nansen-holder-quality

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill defines bash command templates for the nansen research tool that utilize shell variables ($TOKEN and $CHAIN) which are intended to be replaced with user-provided values.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection via shell variable interpolation.
      • Ingestion points: Untrusted data enters the execution context through the $TOKEN and $CHAIN variables in SKILL.md.
      • Boundary markers: There are no markers or instructions provided to delimit user input or prevent the execution of embedded shell metacharacters.
      • Capability inventory: The skill facilitates the execution of CLI commands via a subprocess or shell environment.
      • Sanitization: The skill lacks instructions for validating or sanitizing the input provided to the variables, which could allow an attacker to supply malicious strings (e.g., ; rm -rf /) to execute arbitrary commands.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 9, 2026, 11:22 PM