addon-nostr-client-nextjs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly subscribes to public Nostr relays (e.g., via NEXT_PUBLIC_NOSTR_RELAYS defaulting to wss://relay.damus.io,wss://nos.lol and the "Implement read path: Create relay pool/client; Subscribe by filters" steps and client/filters code), meaning it ingests untrusted, user-generated events from third-party relays which the agent is expected to read/normalize and which could influence behavior, so it exposes the agent to indirect prompt injection risk.