Skills
skills/nansen-ai/nansen-cli/nansen-smart-money-trend/Gen Agent Trust Hub

nansen-smart-money-trend

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the nansen CLI to execute research queries for token netflows, holder lists, and DEX trades.
  • [EXTERNAL_DOWNLOADS]: The skill installs the nansen-cli package via Node.js. This is a legitimate vendor resource provided by nansen-ai and is required for the skill's functionality.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by reading external data.
  • Ingestion points: Research data from nansen research commands (e.g., wallet labels, flow intelligence) enters the agent context in SKILL.md.
  • Boundary markers: There are no explicit markers or instructions provided to the agent to ignore potentially malicious instructions embedded in the API data.
  • Capability inventory: The skill is restricted to Bash execution for the nansen:* toolset.
  • Sanitization: No sanitization or validation of the tool's output is performed before it is analyzed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 17, 2026, 06:43 AM