addon-nostr-nip-sync-lock
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The
scripts/sync_nips_lock.pyscript fetches Markdown files from the officialnostr-protocol/nipsrepository on GitHub (raw.githubusercontent.com). This is a well-known public repository used for the intended purpose of syncing protocol specifications. - [COMMAND_EXECUTION]: The skill instructions include a
python3command to execute the provided sync script. This execution is local, uses the script bundled within the skill, and is used to generate a JSON lockfile based on user-provided parameters. - [DATA_EXPOSURE]: The script reads remote Markdown files and writes a JSON metadata file to a user-specified path (
--out). It does not access sensitive local files or environment variables.
Audit Metadata