nostr-bunker-integration

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt explicitly shows and uses connection secrets embedded in bunker:// and nostrconnect:// URIs, prints/outputs those URIs (and even includes a CLI example with secret=mysecret), which requires including secret values verbatim in generated URIs/commands and therefore creates an exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow/subroutines explicitly subscribe to and decrypt kind:24133 events from public Nostr relays (e.g., wss://relay.damus.io) and perform NIP-89/NIP-05 discovery and must open auth URLs and obey signer-directed commands like switch_relays, so it ingests untrusted, user-generated third‑party content that can change agent behavior (see SKILL.md steps 2b–2d, 2e, and 3f).