nara
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the installation and execution of the `naracli` package from the official npm registry. This is a legitimate dependency provided by the skill author (nara-chain). The instructions require the agent to obtain explicit user approval before the first installation or execution.
- [COMMAND_EXECUTION]: Multiple commands using `npx naracli` are defined for wallet management, blockchain interactions (mining, transfers), and configuration. The skill provides clear 'Agent Autonomy Rules' that require user confirmation for all state-changing or high-risk commands, such as creating wallets or signing transactions.
- [CREDENTIALS_SAFE]: The skill contains exemplary safety guidelines for credential management. It explicitly instructs the agent to never accept or log mnemonics or private keys and notes that the CLI tool handles sensitive key material locally on disk without exposing it to the agent's output or the network.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests quest data from the blockchain via `npx naracli quest get --json` and processes it to compute answers. While this represents an ingestion point for untrusted data, the risk is mitigated by explicit instructions to never process or reveal sensitive credentials even if requested, and the requirement for user approval before submitting answers.
Audit Metadata