nansen-x
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill ingests untrusted content from X (Twitter) posts, creating a surface for indirect prompt injection. * Ingestion points: Data retrieved via nansen research x subcommands in SKILL.md. * Boundary markers: None defined; tweet content is passed directly to the agent without delimiters. * Capability inventory: Access to the nansen CLI via Bash in SKILL.md. * Sanitization: No sanitization of the retrieved social media text is performed.
- [EXTERNAL_DOWNLOADS]: The skill installs the nansen-cli Node.js package to provide its core analytics functionality.
Audit Metadata