concepts

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes explicit CLI examples that pass a private key as a command-line argument (e.g., --private-key "your-key"), which encourages embedding secret/private-key values verbatim in generated commands or outputs.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly describes discovering services and reading service announcements from public Nostr relays (e.g., wss://relay.nostr.org) — open, user-published feeds that the agent would ingest and act on, so untrusted third-party content could influence tool use and decisions.