nansen-token-transfer-analysis
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches and installs the 'nansen-cli' package from the public Node.js package registry (npm). This is a standard dependency for the skill's stated purpose of analyzing blockchain data.- [COMMAND_EXECUTION]: Executes the 'nansen' command-line tool to retrieve token transfer and flow data. The execution environment is restricted to the 'nansen' binary, minimizing the risk of arbitrary command injection.- [CREDENTIALS_UNSAFE]: Uses the 'NANSEN_API_KEY' environment variable for authentication, which is a secure and recommended practice for managing API credentials. No hardcoded secrets or sensitive keys were found in the instructions.- [DATA_EXFILTRATION]: Communicates with Nansen's official blockchain analytics services via its CLI tool. The data flow is consistent with the primary purpose of the skill and does not target unauthorized external domains.
Audit Metadata