addon-nostr-nip23-longform

Warn

Audited by Snyk on Mar 10, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill explicitly tells the integration to use configurable public Nostr relays (LONGFORM_RELAYS), and its Integration Workflow/read flow requires querying and normalizing kind:30023 events from those relays. Those events are user-generated, untrusted third-party content that the agent reads and acts on, so any text placed in an article body or its tags reaches the agent as input.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill explicitly requires and documents a "sign + publish" flow, directs the integration to use a browser signer (NIP-07) or a project signer abstraction, and gives guidance on private key handling. That is explicit cryptographic signing functionality (NIP-07 signing), which falls under the "Crypto/Blockchain (... Signing)" item in the Direct Financial Execution criteria. Even though the skill targets Nostr long-form events rather than a payment gateway, the presence of explicit signing APIs/flows and private key management constitutes direct execution authority under the provided decision logic.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 10, 2026, 08:53 PM