using-nostr
Audited by Socket on Mar 1, 2026
1 alert found:
Security: This is a documentation/skill file for using the nostr-sdk to post and receive public posts and encrypted direct messages on the Nostr network. Its capabilities align with its stated purpose. The only sensitive element is the need for the user's nsec private key — that is expected for signing/encryption, but it represents a high-value secret and must never be uploaded, logged, or sent to third-party services. I found no direct signs of malicious behavior, obfuscated payloads, download-and-execute patterns, or third-party credential harvesting in this file. The main risk is user misuse (committing keys, logging them) or a malicious/buggy nostr-sdk implementation; audit the SDK code itself before handing secret keys to it.