nansen-alerts-webhook-listener
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE
Full Analysis
- [REMOTE_CODE_EXECUTION]: An automated alert identified a command piping curl output to node. Detailed technical analysis confirms this is a false detection; the command `curl -s http://127.0.0.1:4040/api/tunnels | node -e ...` uses Node.js as a JSON parser to extract a URL from a local ngrok API, not to execute code from a remote source.
- [COMMAND_EXECUTION]: The skill uses local Node.js commands to generate a secure 32-byte hexadecimal secret and to process metadata from a local tunnel endpoint. These are standard utility operations that do not involve untrusted inputs.
- [EXTERNAL_DOWNLOADS]: The skill recommends using well-known developer services like ngrok and localtunnel for webhook exposure. These are established tools and their use here is consistent with the skill's primary purpose.
- [DATA_EXFILTRATION]: No data exfiltration was found. The skill facilitates the ingestion of authenticated webhook data and implements signature verification to ensure only valid payloads from Nansen are processed.
- [PROMPT_INJECTION]: No patterns of behavior override, safety bypass, or system prompt extraction were detected.
Audit Metadata