Nansen Web Searcher

Advisory

Audited by static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

The agent can invoke the Nansen CLI, so accidental use of non-search Nansen commands would depend on what that CLI supports.

Why it was flagged

The skill allows Bash execution for any nansen CLI command pattern. This is expected for a CLI-based search skill, but it is broader than just the documented web search command.

Skill content

allowed-tools: Bash(nansen:*)

Recommendation

Use this skill for the documented web search or web fetch functions and review any request that goes beyond search-oriented Nansen commands.

What this means

Installing the skill adds a local CLI dependency that will run when the agent performs searches.

Why it was flagged

The skill relies on installing an external Node package to provide the CLI binary. This is aligned with the stated purpose, but users must trust the installed package.

Skill content

install:
  - kind: node
    package: nansen-cli
    bins: [nansen]

Recommendation

Install only if you trust the nansen-cli package source and keep the package updated through normal trusted channels.

What this means

The agent will be able to use the configured Nansen API key when running the CLI.

Why it was flagged

The skill requires a Nansen API key. That credential is expected for a Nansen integration and is disclosed in the artifact.

Skill content

requires:
  env:
    - NANSEN_API_KEY
  bins:
    - nansen
primaryEnv: NANSEN_API_KEY

Recommendation

Use a least-privilege API key if available, avoid sharing the key in prompts, and rotate it if you suspect exposure.

What this means

Search terms may be visible to the external search provider, so confidential data in queries could be exposed.

Why it was flagged

The artifact discloses that web searches are performed through an external API provider, meaning query text is sent outside the local environment.

Skill content

Search the web for one or more queries in parallel via the Serper API.

Recommendation

Do not include secrets, private keys, unreleased business information, or other sensitive content in search queries.