using-nostr
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes the nostr-sdk package, which is hosted on the author's GitHub repository. This is a standard vendor resource for the skill's functionality.
- [PROMPT_INJECTION]: The skill is exposed to indirect prompt injection because it ingests untrusted text from the Nostr network.
- Ingestion points: External data is retrieved via get_global_feed and receive_messages in SKILL.md.
- Boundary markers: There are no markers used to isolate external content from the agent's instructions in the examples provided.
- Capability inventory: The skill can perform network operations like broadcasting notes.
- Sanitization: The implementation does not show sanitization of retrieved Nostr event content.
Audit Metadata