addon-nostr-client-nextjs
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill defines a dependency on 'nostr-tools' and 'zod'. These are standard, widely-used, and reputable libraries in the JavaScript ecosystem for Nostr protocol support and schema validation.
- [COMMAND_EXECUTION]: The integration workflow utilizes standard Bun shell commands ('bun add', 'bun run') for package management and typical build lifecycle tasks.
- [DATA_EXFILTRATION]: The client connects to well-known public Nostr relays (such as wss://relay.damus.io) to fetch and publish events. This is the core functionality of the client and follows established protocol standards.
- [PROMPT_INJECTION]: While the skill processes external Nostr events, it includes explicit guardrails and instructions for sanitizing user-controlled filters and validating all incoming/outgoing payloads using Zod, mitigating potential indirect injection risks.
Audit Metadata