nansen-web-search
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the 'nansen-cli' Node.js package, which is an official resource associated with the author 'nansen-ai'.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by retrieving and processing external data from the web. Ingestion points: Web search result snippets and knowledge graph data returned by the 'nansen web search' command in 'SKILL.md'. Boundary markers: Absent; there are no specific delimiters or instructions provided to the agent to separate search results from system instructions or to ignore embedded directives. Capability inventory: The skill allows execution of 'nansen' CLI commands through the Bash tool as defined in the 'allowed-tools' section. Sanitization: No content sanitization or filtering logic is mentioned to prevent the processing of instructions contained within the retrieved web data.
Audit Metadata