nano-check-balance

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using bunx, pnpm, or npx to interact with the Nano protocol via the xno-skills CLI tool.
  • [EXTERNAL_DOWNLOADS]: The skill mandates downloading and running the xno-skills package from the npm registry at runtime using the @latest tag. This package is a resource associated with the skill's author.
  • [PROMPT_INJECTION]: The skill demonstrates an indirect prompt injection surface (Category 8c) because it processes untrusted data from external Nano RPC endpoints to determine account balances.
      • Ingestion points: RPC response data (balance and pending amounts) fetched from public nodes such as https://rainstorm.city/api or user-defined URLs in SKILL.md.
      • Boundary markers: Absent; the instructions do not specify delimiters to isolate external data from the agent's core instructions.
      • Capability inventory: The agent is authorized to execute xno-skills CLI commands and perform wallet operations like receive based on the state of the ingested data.
      • Sanitization: No validation or sanitization of the RPC response content is described before interpolation into the agent's context.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 3, 2026, 05:24 AM