nansen-holder-analysis

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE [COMMAND_EXECUTION] [EXTERNAL_DOWNLOADS]
Full Analysis
  • [COMMAND_EXECUTION]: The skill interpolates user-provided variables $TOKEN and $CHAIN directly into shell commands.
      1. Ingestion points: $TOKEN and $CHAIN variables in SKILL.md.
      2. Boundary markers: Absent.
      3. Capability inventory: Execution of 'nansen research' commands via the Bash tool.
      4. Sanitization: None present in the skill definition.
    This interpolation creates a surface for indirect prompt injection where malicious input could attempt to bypass intended tool logic.
  • [EXTERNAL_DOWNLOADS]: The skill specifies the installation of the nansen-cli Node.js package to provide the required command-line utility for token research.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 09:15 PM