nostr-client-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests and acts on untrusted, user-generated content from public Nostr relays (via WebSocket messages like ["EVENT", ...], ["OK", ...], ["CLOSED", ...], ["AUTH", ...] and kind:10002 relay-list events) as described in SKILL.md and references/relay-pool.md—using that content to choose relays, authenticate, change subscription state, and drive publish/retry logic—so third-party messages can materially influence agent behavior.