nano-return-funds
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches and executes the xno-skills package from the npm registry using package runners like bunx, npx, and pnpm.
- [COMMAND_EXECUTION]: The agent interacts with the Nano protocol by executing shell commands through the xno-skills CLI tool as part of the refund workflow.
- [REMOTE_CODE_EXECUTION]: The skill utilizes runtime execution of code from the npm registry to invoke vendor-approved CLI tools.
- [INDIRECT_PROMPT_INJECTION]: The skill processes external transaction data to identify refund targets.
  - Ingestion points: transaction history and payment request data (SKILL.md).
  - Boundary markers: None explicitly defined for data interpolation.
  - Capability inventory: The skill can execute fund transfers via the send and payment_request_refund tools.
  - Sanitization: The process requires mandatory operator confirmation and address validation before any funds are sent.
- [SAFE]: Comprehensive safety protocols are defined, such as verifying account states via RPC, using address validation tools, and requiring explicit operator confirmation before any transactions occur.