check-balance
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS COMMAND_EXECUTION DATA_EXFILTRATION PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes `npx -y xno-skills`, which downloads and executes the `xno-skills` package from the npm registry at runtime.
- [COMMAND_EXECUTION]: Provides several CLI commands intended for local shell execution to query account information and manage wallet state.
- [DATA_EXFILTRATION]: Includes a clear security warning to protect user credentials, specifically advising against pasting mnemonics into the chat interface and suggesting the use of standard input for local tools.
- [SAFE]: Recommends established and reputable community RPC nodes for the Nano network, such as those provided by the Nano Foundation and Natrium.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes data from external RPC endpoints. Ingestion points: Transaction and balance data returned from user-defined or public RPC nodes (SKILL.md). Boundary markers: None present to distinguish data from instructions. Capability inventory: Includes commands like `wallet_receive` and `wallet_probe_balances` which perform actions based on the ingested state (SKILL.md). Sanitization: No sanitization or validation logic for RPC responses is described.
Audit Metadata