nansen-wallet-manager

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs agents to ask for API keys/passwords and to embed them verbatim in commands or env assignments (e.g., nansen login --api-key <key>, NANSEN_WALLET_PASSWORD="<password>"), which requires the LLM to handle secrets directly and creates exfiltration risk.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

• Direct money access detected (high risk: 1.00). The skill is explicitly a crypto wallet manager with commands to create wallets (including server-side Privy wallets intended "for agents, automated workflows"), and to send tokens/native currency (nansen wallet send --to --amount ... --chain ..., --max, --dry-run). It exposes server-side key management via PRIVY_APP_ID/PRIVY_APP_SECRET and documents agent-specific flows (no password for Privy, intended for agent automation). These are specific tools/functions to move crypto funds and sign/send transactions, so it provides direct financial execution capability.