nansen-wallet-network
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the 'nansen' CLI tool to analyze blockchain transactions and wallet relationships. This tool is a resource provided by the author 'nansen-ai'.
- [PROMPT_INJECTION]: There is a vulnerability to indirect prompt injection or command injection because user input is interpolated directly into shell commands without sanitization.
  - Ingestion points: Wallet address and chain variables in the bash script block within 'SKILL.md'.
  - Boundary markers: No delimiters are used to separate user-provided data from command logic.
  - Capability inventory: The skill performs shell command execution with parameters.
  - Sanitization: No input filtering or escaping is implemented for the interpolated variables.
Audit Metadata