nostr-nip05-setup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md verification flow and testing steps explicitly instruct fetching and parsing arbitrary public /.well-known/nostr.json endpoints (e.g., "Client fetches https://example.com/.well-known/nostr.json?name=bob" and curl tests), meaning the agent would ingest untrusted third‑party content that can change verification and follow-up actions.