nostr-social-graph

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and processes public, user-generated Nostr events and relay metadata from open indexer/relay URLs (see SKILL.md "Implement the Outbox Model" / "Workflow" steps and references/outbox-model.md resolveRelayList/buildFeedSubscriptions which query well-known public relays like wss://purplepag.es and pool.querySync(INDEXER_RELAYS)), and that third-party content is parsed and used to decide subscriptions, relay routing, and publishing behavior—allowing indirect instructions in incoming events to influence agent actions.