nexus-sdk-bridge-flows
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [Safe] (SAFE): No malicious code or commands were identified in the skill. The content is purely instructional documentation for an external SDK.
- [Data Exposure] (SAFE): No hardcoded credentials, sensitive file paths, or private information were found within the provided documentation.
- [Indirect Prompt Injection] (SAFE): The skill documents methods that accept arbitrary data for contract execution (e.g., sdk.execute). While this constitutes a high-capability interface, no malicious injection surface was observed. 1. Ingestion points: User-provided transaction parameters (to, data, amount). 2. Boundary markers: None specified. 3. Capability inventory: sdk.execute (contract call), sdk.bridge (token transfer). 4. Sanitization: Not defined in documentation; relies on the underlying SDK and agent implementation.
Audit Metadata