nexus-sdk-integration
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill suggests installing
@avail-project/nexus-corevia standard package managers. This is a legitimate scoped package for the Avail project and matches the skill's stated purpose. - [DATA_EXPOSURE] (SAFE): The skill asks the agent to request wallet connection details (EIP-1193 provider). This is a functional requirement for blockchain integration and no evidence of automated exfiltration or credential harvesting was found.
- [PROMPT_INJECTION] (SAFE): No instructions attempting to bypass safety filters or override system prompts were detected.
- [INDIRECT_PROMPT_INJECTION] (SAFE): The skill defines an input surface for user-provided configuration (network, runtime). However, the skill acts as a documentation and orchestration guide and does not pass these inputs to dangerous sinks like eval or system commands.
Audit Metadata