nansen-wallet-keychain-migration

Fail

Audited by Snyk on Mar 17, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to request or read the wallet password and even shows commands that embed the password verbatim into shell invocations (e.g., NANSEN_WALLET_PASSWORD="<new_password_from_user>"), which requires the LLM to handle/output secret values directly.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly about managing a crypto wallet: it uses nansen-cli wallet commands (nansen wallet export, nansen wallet create, nansen wallet secure, nansen wallet forget-password) to access/export private keys, persist or remove wallet passwords, and create new wallets. These are concrete crypto/blockchain wallet operations (handling private keys and password migration), which fall under the "Crypto/Blockchain (Wallets, Swaps, Signing)" category in the core rule. This is specifically designed for wallet key management rather than being a generic tool, so it constitutes direct financial execution capability.

Issues (2)

HIGH W007: Insecure credential handling detected in skill instructions.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

Audit Metadata
Risk Level: HIGH
Analyzed: Mar 17, 2026, 06:43 AM
Issues: 2