Skills
skills/casualsecurityinc/xno-skills/nano-create-wallet/Gen Agent Trust Hub

nano-create-wallet

Warn

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructions mandate downloading and running packages from the npm registry at runtime using tools like bunx, npx, or pnpm. It specifically references xno-skills and @open-wallet-standard/core.
  • [REMOTE_CODE_EXECUTION]: By requiring the use of the @latest tag and the --yes flag with bunx and npx, the skill facilitates the execution of remote code from the npm registry without version pinning or manual verification, introducing a supply chain vulnerability.
  • [COMMAND_EXECUTION]: The skill uses shell execution environments (bunx, npx, pnpm dlx) to perform wallet management tasks.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by interpolating untrusted user data, such as wallet names and mnemonics, into shell command arguments.
  • Ingestion points: User-provided mnemonics and wallet names (SKILL.md).
  • Boundary markers: None identified.
  • Capability inventory: Shell command execution via bunx, npx, and pnpm (SKILL.md).
  • Sanitization: No sanitization or validation of user-provided strings is mentioned before they are passed to the CLI.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 3, 2026, 05:24 AM