nostr-client-patterns

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides architectural guidance for building Nostr clients. The technical patterns described are consistent with established protocols (NIP-01, NIP-42, NIP-65).
  • [COMMAND_EXECUTION]: No evidence of arbitrary command execution or shell injection. The logic is focused on WebSocket management and state machine implementations.
  • [DATA_EXFILTRATION]: No unauthorized data harvesting or exfiltration patterns were found. The skill correctly implements NIP-42 authentication using signed events as required by the protocol.
  • [REMOTE_CODE_EXECUTION]: The skill does not download or execute remote scripts. It uses standard WebSockets for communication with relays specified by the user or client configuration.
  • [INDIRECT_PROMPT_INJECTION]: The skill manages untrusted data from Nostr relays (events). While this constitutes an attack surface if the content is later processed by an LLM, the provided patterns focus on protocol-level management (EOSE, OK, CLOSED messages) rather than natural language processing of event content.
      • Ingestion points: Events received via WebSocket in handleMessage and handleEvent within references/relay-pool.md.
      • Boundary markers: Not explicitly defined for LLM processing as the skill focuses on technical architecture.
      • Capability inventory: Limited to WebSocket communication, local caching (IndexedDB/SQLite), and UI state updates.
      • Sanitization: Standard JSON parsing is used for protocol messages.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 31, 2026, 05:25 PM