addon-nostr-key-custody
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines a secure architecture for Nostr key management that mandates client-side encryption using the WebCrypto API and passphrase-derived keys, ensuring plaintext secrets are never stored.
- [SAFE]: Explicit security guardrails are included to prevent the transmission of private keys to server-side components and to forbid storing sensitive material in public environment variables.
- [SAFE]: The skill uses industry-standard libraries such as nostr-tools and zod for cryptographic operations and data validation.
- [SAFE]: All command-line instructions provided for linting, building, and verification are standard development practices with no malicious intent detected.
Audit Metadata