nansen-perp
Warn
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the 'nansen-cli' Node.js package. This dependency is not from a trusted vendor list or the skill author, and lacks official attribution to the Nansen organization, posing a potential supply-chain risk.
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute commands using the binary provided by the unverified external package.
- [CREDENTIALS_UNSAFE]: The skill requires a 'NANSEN_API_KEY' provided via environment variables. The security of this sensitive credential depends on the handling logic of the third-party 'nansen' binary.
- [PROMPT_INJECTION]: The skill processes external market data from perpetual markets, which creates a surface for indirect prompt injection.
  - Ingestion points: CLI output from the 'nansen research' commands.
  - Boundary markers: No delimiters or specific instructions are provided to ignore embedded instructions in the tool output.
  - Capability inventory: The agent has access to the Bash tool for command execution.
  - Sanitization: There is no evidence of sanitization or filtering of the external data before it is processed by the agent.
Audit Metadata