nansen-search
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
nansen-clipackage via Node.js (npm). This is the primary tool used by the skill to interact with the Nansen API. - [COMMAND_EXECUTION]: Utilizes bash to execute
nansenCLI commands. Access is restricted to thenansenbinary using a wildcard pattern (nansen:*), which follows the principle of least privilege. - [PROMPT_INJECTION]: The skill processes external data from the Nansen API (token names, entities). While this creates a surface for indirect prompt injection, the tool's capabilities are limited to research queries, minimizing the risk of exploitation.
- Ingestion points: Output of
nansen research searchin SKILL.md. - Boundary markers: None present.
- Capability inventory: Limited to
nansenCLI commands. - Sanitization: None mentioned.
Audit Metadata